URL: https://nets4.com/domain/jesus.co
Submission: On March 13 via api from US — Scanned from DE

Summary

This website contacted 57 IPs in 10 countries across 50 domains to perform 429 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is nets4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.
This is the only time nets4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 2a06:98c1:312... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.66.248.50 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:27::... 8075 (MICROSOFT...)
5 52.224.31.34 8075 (MICROSOFT...)
32 34.227.128.233 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a04:4e42:400... 54113 (FASTLY)
5 2a04:4e42:600... 54113 (FASTLY)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 204.79.197.200 8068 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
28 142.250.185.194 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
70 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
47 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
14 34 142.250.184.194 15169 (GOOGLE)
4 10 2.21.141.232 16625 (AKAMAI-AS)
4 7 185.33.220.216 29990 (ASN-APPNEX)
1 ()
12 138.201.63.116 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 144.76.238.55 24940 (HETZNER-AS)
3 138.201.84.252 24940 (HETZNER-AS)
9 9 145.239.193.130 16276 (OVH)
5 88.198.250.30 24940 (HETZNER-AS)
2 4 142.250.185.102 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 54.76.176.197 16509 (AMAZON-02)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
6 46.236.13.147 12703 (PULSANT-AS)
2 2 94.23.99.218 16276 (OVH)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
4 4 37.157.6.246 198622 (ADFORM)
1 1 2600:9000:225... 16509 (AMAZON-02)
2 108.157.214.118 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.244.159.8 15169 (GOOGLE)
2 104.92.106.130 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 88.99.165.19 24940 (HETZNER-AS)
1 6 104.92.94.3 16625 (AKAMAI-AS)
1 1 95.100.153.115 20940 (AKAMAI-ASN1)
1 151.101.2.110 54113 (FASTLY)
2 4 2001:678:cb4:... 56396 (AMOBEE)
1 1 169.50.137.184 36351 (SOFTLAYER)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 213.19.147.45 3356 (LEVEL3)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 138.201.63.150 24940 (HETZNER-AS)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 18.194.22.119 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 2 18.197.240.17 16509 (AMAZON-02)
2 2 213.155.156.181 1299 (TWELVE99 ...)
2 52.30.107.253 16509 (AMAZON-02)
429 57
Apex Domain
Subdomains
Transfer
119 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
644 KB
77 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 71352
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 206017
1 MB
35 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 176762
api.purpleads.io — Cisco Umbrella Rank: 157725
50 KB
32 nets4.com
nets4.com
img.nets4.com
s0.nets4.com
208 KB
28 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
31 KB
25 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 28803
hal900021.redintelligence.net — Cisco Umbrella Rank: 208145
hal900024.redintelligence.net — Cisco Umbrella Rank: 198455
hal900028.redintelligence.net — Cisco Umbrella Rank: 180551
hal90008.redintelligence.net — Cisco Umbrella Rank: 200189
188 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2174
ad4m.at — Cisco Umbrella Rank: 1742
assets.ad4m.at — Cisco Umbrella Rank: 32740
594 KB
11 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 39406
medialead.de — Cisco Umbrella Rank: 38865
5 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
271 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
9 KB
9 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
2 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
522 KB
8 openstreetmap.org
a.tile.openstreetmap.org — Cisco Umbrella Rank: 13366
b.tile.openstreetmap.org — Cisco Umbrella Rank: 13554
c.tile.openstreetmap.org — Cisco Umbrella Rank: 13588
45 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 916
h.clarity.ms — Cisco Umbrella Rank: 1867
c.clarity.ms — Cisco Umbrella Rank: 547
25 KB
7 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13937
a1.awin1.com — Cisco Umbrella Rank: 48672
29 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
7 KB
6 webgains.com
track.webgains.com — Cisco Umbrella Rank: 35662
95 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
214 KB
5 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 39676
1 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 251
92 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 690
r.turn.com — Cisco Umbrella Rank: 2672
2 KB
4 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18655
api.webgains.io — Cisco Umbrella Rank: 47350
102 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 524
2 KB
4 ad-server.eu
www.ad-server.eu — Cisco Umbrella Rank: 228115
ad-server.eu — Cisco Umbrella Rank: 64653
10 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
21 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1207
cloudflareinsights.com — Cisco Umbrella Rank: 1193
5 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4364
720 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1032
830 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 870
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 323
419 B
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ads.yahoo.com — Cisco Umbrella Rank: 816
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2666
207 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 91678
static-de.ad4mat.net — Cisco Umbrella Rank: 128562
4 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3666
34 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
861 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
464 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
582 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 18240
523 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
710 B
1 awin.com
ui2.awin.com — Cisco Umbrella Rank: 52766
103 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 698
438 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
32 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 202756
931 B
1
function sub() { [native code] }.
17 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
554 B
429 50
Domain Requested by
59 pagead2.googlesyndication.com securepubads.g.doubleclick.net
nets4.com
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
www.googletagservices.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
47 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
nets4.com
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
34 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
32 api.purpleads.io cdn.purpleads.io
28 securepubads.g.doubleclick.net cdn.purpleads.io
securepubads.g.doubleclick.net
nets4.com
18 img.nets4.com nets4.com
17 www.google.com nets4.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
12 hal9000.redintelligence.net c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
uuid
hal900024.redintelligence.net
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
hal900028.redintelligence.net
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
hal90008.redintelligence.net
11 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
11 cdnjs.cloudflare.com nets4.com
cdnjs.cloudflare.com
11 nets4.com nets4.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
9 pv.medialead.de 9 redirects
9 googleads.g.doubleclick.net c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
nets4.com
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
9 adservice.google.de securepubads.g.doubleclick.net
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 www.awin1.com 1 redirects as.ad4m.at
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
6 assets.ad4m.at as.ad4m.at
6 track.webgains.com nets4.com
uuid
as.ad4m.at
6 www.googletagservices.com c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
5 pb.media01.eu hal900021.redintelligence.net
hal900024.redintelligence.net
as.ad4m.at
hal900028.redintelligence.net
hal90008.redintelligence.net
5 www.gstatic.com www.google.com
5 h.clarity.ms www.clarity.ms
h.clarity.ms
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 c1.adform.net 4 redirects
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 hal900021.redintelligence.net 1 redirects c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
hal900021.redintelligence.net
4 fonts.googleapis.com cdn.purpleads.io
hal900024.redintelligence.net
hal900028.redintelligence.net
hal90008.redintelligence.net
3 hal90008.redintelligence.net hal9000.redintelligence.net
hal90008.redintelligence.net
3 hal900028.redintelligence.net hal9000.redintelligence.net
hal900028.redintelligence.net
3 ad-server.eu uuid
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
3 hal900024.redintelligence.net hal9000.redintelligence.net
hal900024.redintelligence.net
3 s0.2mdn.net c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 c.tile.openstreetmap.org
3 a.tile.openstreetmap.org
3 s0.nets4.com nets4.com
3 cdn.purpleads.io nets4.com
2 api.webgains.io analytics.webgains.io
2 d5p.de17a.com 2 redirects
2 x.bidswitch.net 2 redirects
2 pm.w55c.net 2 redirects
2 sync.1rx.io 2 redirects
2 sync.tidaltv.com 2 redirects
2 r.turn.com 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 analytics.webgains.io track.webgains.com
2 dclk-match.dotomi.com 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2 medialead.de 2 redirects
2 8019191.fls.doubleclick.net 1 redirects nets4.com
2 5994599.fls.doubleclick.net 1 redirects nets4.com
2 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 googleads4.g.doubleclick.net nets4.com
2 c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cloudflareinsights.com static.cloudflareinsights.com
2 c.clarity.ms 1 redirects
2 b.tile.openstreetmap.org
2 static.addtoany.com nets4.com
2 www.google-analytics.com nets4.com
www.google-analytics.com
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
1 ads.yahoo.com googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 um.simpli.fi 1 redirects
1 a1.awin1.com hal900028.redintelligence.net
1 ui2.awin.com 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 s.ad.smaato.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 www.googletagmanager.com adv.office-partner.de
1 prod-rtb.ad4mat.net nets4.com
1 adv.office-partner.de hal900024.redintelligence.net
1 www.ad-server.eu hal900021.redintelligence.net
1 ajax.googleapis.com hal900021.redintelligence.net
1 23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 uuid securepubads.g.doubleclick.net
1 540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.bing.com 1 redirects
1 www.clarity.ms nets4.com
1 static.cloudflareinsights.com nets4.com
429 88

This site contains links to these domains. Also see Links.

Domain
blog.nets4.com
link.nets4.com
jesus.co
leafletjs.com
www.openstreetmap.org
www.addtoany.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-04-29 -
2022-04-28
a year crt.sh
*.purpleads.io
Amazon
2021-12-01 -
2022-12-29
a year crt.sh
www.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-02-27 -
2023-02-27
a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01
2021-07-27 -
2022-07-27
a year crt.sh
*.tile.openstreetmap.org
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-11-26 -
2022-12-28
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google.de
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
redintelligence.net
R3
2022-01-27 -
2022-04-27
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-05-27 -
2022-05-27
a year crt.sh
adv.office-partner.de
R3
2022-03-07 -
2022-06-05
3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-20 -
2022-06-20
a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2022-02-19 -
2022-05-20
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
*.webgains.io
Amazon
2022-02-10 -
2023-03-11
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
teads.tv
R3
2022-01-03 -
2022-04-03
3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA
2021-06-11 -
2022-06-16
a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-02-07 -
2022-03-30
2 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh

This page contains 72 frames:

Primary Page: https://nets4.com/domain/jesus.co
Frame ID: 399F3A4FE8B9779D34296E97942D4DB0
Requests: 85 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 01E8AED839EAB6C4C4B3331DFE09E8C3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Frame ID: 02A199CB300C0FA3ADB75BE9BBCEB1AA
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5A6B9BEF5522163A48605C73AD3EDB4E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CACD07826972D2E5D5DFD55CCC82AF33
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 468F713350F0FC5D109C28CAB57B101B
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D6879AD48710DD2A08AED796ACFA93DC
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Frame ID: 1229CA5B25D14440914D217527BF136D
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5FB77BCEE4F8A734FAE14F3285E4F7B4
Requests: 7 HTTP requests in this frame

Frame: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D633A4EE2A19AC1C15C6EFB6C7DA52D7
Requests: 1 HTTP requests in this frame

Frame: https://5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5EFA90A609A22045E526B01DB1EF561C
Requests: 1 HTTP requests in this frame

Frame: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7C5849D93B8FF013E3E36B55E2213A77
Requests: 1 HTTP requests in this frame

Frame: https://540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D7F57AD4763CDD34FEE39C6D13FC4301
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0FB91F3739365A9836AF996AB8566E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0631AB519AB0D07DDC3F8F99E06F6C20
Requests: 2 HTTP requests in this frame

Frame: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E3CFDC857F55F8005809978DEE0068D7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 61D8D86111C2DA32915D7A3975EAD5F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50E7540F2D87478FED2E3ADCCD7775F8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 95A11147FA3C37BC06C8941BDA095F06
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C11D63F1C7DC495B236E14CCC73AD3E6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF51B3D182355E31D4D7648F090D4FA5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1805182141073BA25C0E66631169A339
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A14FD28F4227671471C2D88D9C41ADC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A2FE54CD536359EC9DE33E2D36841F8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Frame ID: 63D5E9C9ADA7066049B36A3B0049FC82
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 63EB2453190A60BAC753312F0578772E
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: 80F0B3D54738CDEBF067CBD79B46CAA7
Requests: 10 HTTP requests in this frame

Frame: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6060BBCB264B09608BF8B1F783C60A26
Requests: 14 HTTP requests in this frame

Frame: urn://uuid:52425aa3-28ea-213a-5876-213a28ea5242
Frame ID: 1389B9605E1B4C9EE19CC1C6951442C3
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B2EDCB80C9D2A6F973C014B1480B2926
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8DFC1A1768BA9471245E914881FCADFD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Frame ID: 5859B2E4BB02BE9A7CA8BD8D0633F4BD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Frame ID: D4618C8AC60DDCB5440125951A3F0EA5
Requests: 5 HTTP requests in this frame

Frame: https://23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DB7D8FC99B1DBD6D5C90F75424C93989
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 54FAAAE48EFB6499B9B348459385962F
Requests: 3 HTTP requests in this frame

Frame: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9F39BB8490D9A8ECFEF1CCD47B6D26B2
Requests: 1 HTTP requests in this frame

Frame: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 35CA7380F35CFF934BC183630B617DA9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6468FB855A3F352BD23C0A4820F9FD6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 599D0234291CA59D922528A502D02A0B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2DFDBD89105F8F0E866A02BB95C38B23
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
Frame ID: D3BAF2035A55004456D73F2929EF483D
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
Frame ID: 3188D04D871D58966B125D4DBB8BB5AE
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Frame ID: 035CE806EE7BD2BC1285894F3A1E7D67
Requests: 5 HTTP requests in this frame

Frame: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3F7E3C38A83D36C894F0A3257DDC5F01
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
Frame ID: 77D05BCF9B2DB84170EAFB0561F6F4B5
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F146A7D709A43DCA0C85BEE00FFD69CA
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
Frame ID: BA66F791C9EC50139D83F83C96F4DF8D
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Frame ID: C1A53585520E5DC3561D91F281597059
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 731ABB3AAECF058D76E1D7C5CA6678A1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FCE3A270927D977276A3DA694FA2A6EF
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
Frame ID: AF83E55D278732094AA80883904D8442
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02B321453C23FDC9E626815BF67BC291
Requests: 9 HTTP requests in this frame

Frame: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 58F3935006051ABBC4E96281D86AC6B3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Frame ID: D6433F51AD48877F125A23F9155FA82E
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A1836FF2D03FBAC00F59CE4B9B4DFF38
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6E4400C990E29E92CD0BE55CC9E0E971
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D274491B46D3B362DA66F3684CB07081
Requests: 3 HTTP requests in this frame

Frame: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1D60A9DF15F4195C6B6D4FF9953D09DF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Frame ID: 865ACEF791B011BE14A331798C699DE0
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0ECAC2E5EA4C1C2ADACBA6E909B312ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A690DBE25EF6A69E38B4AF9EF1071D4
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
Frame ID: 8D180EF8E107F3C4B0EB0B5413FC1F70
Requests: 1 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Frame ID: F59D727AC8ECC253FA2494AA3E8A7281
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C502C3795409DDE8714BACB74A3A10E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81CBA6F2724AE9CD6CF3FD31093A5293
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E6CF3086AFBE3E407EA0B3ABF88720EE
Requests: 9 HTTP requests in this frame

Frame: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F91110D833302F340AFA92A0377BE7EA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Frame ID: 7074C70B33D19C2CB49BDB8F84A1BF65
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5926B6D38375AD9794BD5733511047C
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
Frame ID: 61E69D51A34F3E68B8809EF9F5103254
Requests: 1 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Frame ID: 61F13BA1F4F264F40D3104CCBE978987
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1DB53F0615C7128C27038605688661BD
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

Jesus domain statistics - Jesus.co

Detected technologies

Overall confidence: 100%
Detected patterns
  • leaflet.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

429
Requests

90 %
HTTPS

46 %
IPv6

50
Domains

88
Subdomains

57
IPs

10
Countries

4752 kB
Transfer

10594 kB
Size

51
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&RedC=c.clarity.ms&MXFR=36FD174B6F6A620C24C2062D6B6A6CBA HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&MUID=003CA7597F3E6ED90046B63F7E556F47
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 167
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Request Chain 169
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Request Chain 210
  • https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 213
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Request Chain 215
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Request Chain 219
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Request Chain 243
  • https://pv.medialead.de/trck/epv/e99aace94e6e58739f38600d8697fb68?subid=28434000045773100757585011897021&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
Request Chain 244
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
Request Chain 253
  • https://pv.medialead.de/trck/eview/e99aace94e6e58739f38600d8697fb68?subid=28434000045773100757585011897021 HTTP 302
  • https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_728x90.gif
Request Chain 257
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
Request Chain 261
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
Request Chain 263
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 300
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBsOVFFJwgwK6eSL4Pc7p1A&google_cver=1&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4&google_hm=ODkxOTM3OTg5ODM0Mjc4NjcyNQ%3D%3D
Request Chain 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM
Request Chain 303
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECaVOaymelfgeYrYconjxb0&google_cver=1&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU
Request Chain 304
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEJY1tLtEy-9ksqRc5cMn87A&google_cver=1&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHee0S3eXCOUVExUnUTiT0w&google_cver=1
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENxXkIwzqlFKOT9ZyG0HuYw&google_cver=1
Request Chain 347
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Request Chain 353
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
Request Chain 355
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 366
  • https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=97124400064943500710612011897028&pv=0 HTTP 302
  • https://ui2.awin.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg HTTP 301
  • https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
Request Chain 368
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1&google_push=AYg5qPI0Q70rhQH60aASjrNAUtcwXI7eRh2RbC5sAIi1lE8RIjlZzqxx1RCCssg8MhzFjGlhB4Z86yV-cLDnZa6jwFmsgwcfF39E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwOTU5NTQ1MjUzNDY4NTQxNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
Request Chain 370
  • https://um.simpli.fi/gp_match?google_gid=CAESEC4UCH2S3L3HTvue98ltUjQ&google_cver=1&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5C964958223F48A89FFC7F9C8931A585&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl
Request Chain 371
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECQxMWCyA5RaR4Bs2FVgoKI&google_cver=1&google_push=AYg5qPLI3xkEzT1-e1ZrjSvb7vLe7ZzG4_RkiOT9XVRZanQQ5ccohWzzT4F58fwq8bAQOUS_zx7uUGPPBn6_F7jBc-IBfVZv_a39 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECQxMWCyA5RaR4Bs2FVgoKI&google_cver=1&google_push=AYg5qPLI3xkEzT1-e1ZrjSvb7vLe7ZzG4_RkiOT9XVRZanQQ5ccohWzzT4F58fwq8bAQOUS_zx7uUGPPBn6_F7jBc-IBfVZv_a39&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=FOYGkJR8TMmtK8elTk_IuA&gdpr=1&gdpr_consent=
Request Chain 372
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMirBMp3YVTJUaF1jkTGKs&google_cver=1&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2ShuyzY3TBa_U9EZ7-W6Fw2&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp
Request Chain 373
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLOAjBwUCF-bUnAiKAnsHo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLOAjBwUCF-bUnAiKAnsHo
Request Chain 374
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOlP3bH_HzsDrvS6tJXri0k&google_cver=1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1647167504003 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4ba235ce-d577-4322-bac4-4afb85905177-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ%26google_hm%3DA0uiNc7Vd0MiusRK-4WQUXc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&google_hm=A0uiNc7Vd0MiusRK-4WQUXc
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1&__user_check__=1&sync_id=c76841fd-a2b8-11ec-8af8-102ad03c0206
Request Chain 399
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=c7683c4a-a2b8-11ec-b99f-192cb16e0206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Yzc2ODNiZjQtYTJiOC0xMWVjLWI5OWYtMTkyY2IxNmUwMjA2
Request Chain 408
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=71852900055976100757591011897008&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
Request Chain 410
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=71852900055976100757591011897008 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 421
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1&google_push=AYg5qPI3CO7W1jvXQ526WJd6VxphkA0s3L_SRqRKk5MepK50tSHjye8-QSLqInDLmvl7PXBWBOWazLcMpT8GohWHXnkZK63qX_iT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwOTU5NTQ1MjUzNDY4NTQxNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
Request Chain 423
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXBmOTRLNmkxTnRsdk81&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs
Request Chain 424
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENeDDmUtR39uXSEABuvfdIA&google_cver=1&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw
Request Chain 425
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMXyRJPkbYKyiOjxnqlaTkM&google_cver=1&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMXyRJPkbYKyiOjxnqlaTkM&google_cver=1&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN&google_hm=uXus4HtaS9qTkiF2Qobomw==
Request Chain 426
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHXg9SRCT5o-T--5_23zPp8&google_cver=1&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHXg9SRCT5o-T--5_23zPp8&google_cver=1&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9
Request Chain 427
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5ZykjMk8gANk-gJjdFi49xbwx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5ZykjMk8gANk-gJjdFi49xbwx

429 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request jesus.co
nets4.com/domain/
48 KB
13 KB
Document
General
Full URL
https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690a225808e1830ad763cf573a3a0fef011a000267d34b5776f922e79531a7e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-type
text/html; charset=UTF-8
cf-ray
6eb419e37d629096-FRA
cache-control
public, max-age=86400, proxy-revalidate
last-modified
Sun, 13 Mar 2022 10:31:39 GMT
vary
Accept-Encoding
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o63CWLlwlEoBo6Uwrk%2BD0jyuLHaf48A1u7b0aM8k8d%2FRbqz4JHz8hKsSukECHpF%2Fwv%2BM8iOwzIzsMBRMe62fkiFOamaByyDe06b5GzHnVqMbWeNrPr6VcEzow%2BuqzQmLw442Hf5GtA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
awkqrI1qzYcE0gTfW6uXyLl_1bA.js
nets4.com/cdn-cgi/apps/head/
7 KB
3 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2238271
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TBE6C4PT6ZEY65EB
x-amz-id-2
hqmFJhu4VH8dCEln6C+wWXkNh2EoKkrRwJZHX09Pjf7ISr+2/I4OwLauznRIaOAhxAwkQDPUhmg=
last-modified
Fri, 10 Dec 2021 11:06:12 GMT
server
cloudflare
etag
W/"e951628ea64bbeadb19c6d855ca98c7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAwlunjwD4vf2RVwQ%2FFCoE82x2vtShhm9IgVGOoFFQDKkj07uZKbvQkV5j3Pzl7Bbx7DaVF2LcDXuZGJ3jQCtDeb5EmovyhuQZk3sN3%2BG4rusfb7iibq2YND11%2BbAkTZRJKyKcsj3wo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7KspX51u1Msx7FcOmJWweyW7FbGqzJNg
cf-ray
6eb419e88c099096-FRA
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/
157 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1124801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17620
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-44d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dFFcmalqcCl%2FYaVgA8oJGmbVSyoAYIAi38pmbUib3KVOTMPWM77wB6G0C39aFoBQt8NEgm6pcK%2BkR4Lrz%2FZiBC7uUyz2GfpRciDSmtHWym5RipKD7moUcjZrqfSwoNHgiJQFEHkRwHQRGIwWMpqhovv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419e8ba766907-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1341073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZMClQuL78cP0PphC9l4TeNcVEt6ngys98BUl8steBBIA%2BMCGBdyDsk4xIbWskLKurkwZvWT8ilKBYqtEOUqHbwXt6%2B0ETu0nsWBlwgS9kQwBhBkcfGXXXLkcttwe%2FiLtbo9gcj6oMJSrkG6fCHRoQTI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419e8ba786907-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
style.css
nets4.com/assets/css/
345 B
767 B
Stylesheet
General
Full URL
https://nets4.com/assets/css/style.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3050
cf-polished
origSize=451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 01 Nov 2021 12:55:19 GMT
server
cloudflare
etag
W/"617fe3b7-1c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKcUJ9pLtrOnA25KaA11ZPBciEOGfJDv8cSrB4%2BdTccsZn795rQFEsoqzPAkdigdoQ82cQKfS6BURLcHDE64hH86b4s9V2yJC0ax4cvM5JY1bbR7YEX3r%2BImgLA1PpupNbHdx%2F%2Bl5Wg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
6eb419e99980910d-FRA
cf-bgj
minify
invisible.js
nets4.com/cdn-cgi/challenge-platform/h/g/scripts/
40 KB
15 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1647165600
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83cacad35cab9d5df069442d67efabf7c2a71dc4d78d2f6b8044bf332b50fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaU9%2FVbGhQoaWl6Q6GFUgp67Q0mtOvOKG76PPUaeWDVXp1DuHRMMhlj%2F9leeu1L8svtD0MGjupmjpn%2Bq8uHp3aIjU9wKW5BFAAZtzVP511spF39JY8SldRi9zBUQEbu7amXtg%2FNZ0OM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6eb419e99983910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Th69y9F.png
img.nets4.com/img/i.imgur.com/
3 KB
4 KB
Image
General
Full URL
https://img.nets4.com/img/i.imgur.com/Th69y9F.png?w=120&h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1102334
cf-ray
6eb419e9fd8c9096-FRA
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3395
x-served-by
cache-sea4480-SEA
server
cloudflare
etag
W/"6df89d86deba278d112332afb4bb100b1a6165842a7fdb7f78a5a70c7c7218aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQYG50SWgVviwm17NlJvH%2FX6DD77Oq%2FkYilx4X6yxOxl6CsCvK8HfzrVLYCZgdchwDUEj%2FSLq7q%2BqdkGu4%2B4%2FEec9zPtb0wJOlk8xy7hiYk89jDmSzRSILCspkPV5fQM%2BxcINM8kDI7qyNmv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Th69y9F.png>; rel="canonical"
access-control-expose-headers
*
58T3Wrl.png
img.nets4.com/img/i.imgur.com/
1 KB
2 KB
Image
General
Full URL
https://img.nets4.com/img/i.imgur.com/58T3Wrl.png?w=20h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4073001
cf-ray
6eb419e9fd8f9096-FRA
x-cache
MISS, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1117
x-served-by
cache-sea4474-SEA, cache-fra19151-FRA
server
cloudflare
x-timer
S1643094498.253186,VS0,VE702
etag
W/"86d32e1b83f7c87590ac6aad5f278dca67bb9675a7a7869ed47749c6cf91763d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VH9GNaz02jXxP9FB7OmQ7WGdl6y8RHoO%2F4II6OgrAg%2BJ6vpDjLsvr7zEK5k8CFDFo8gmO87gLU68HZCrA3dapzN9mHrrwAZwHM%2FUVql0HVYHj9CNFai3lRXc8hhTie1CQ7uyKGpgn9lpO1jG"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/58T3Wrl.png>; rel="canonical"
access-control-expose-headers
*
leaflet.min.css
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/
10 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1111339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2153
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e135-298f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FI5G8x6kEgXiaeNimfeCs6KW%2BoG8EI9KbHlO8kQBLoxTSEGGDvpqggRsBtV9cQ7scydBgcfoszQpAiHJWXwhC8CAgrLoEC1OxlcNSxokNVu5W%2B%2FUiY1Acn4P%2BaOZTfDvxpjzSvm0%2BjDwYbchsFF%2BaDRZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419e9e8a19136-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
Zc4iwuj.png
img.nets4.com/img/i.imgur.com/
814 B
1 KB
Image
General
Full URL
https://img.nets4.com/img/i.imgur.com/Zc4iwuj.png?w=15h=15&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4073001
cf-ray
6eb419e9fd8d9096-FRA
x-cache
MISS, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
814
x-served-by
cache-sea4422-SEA, cache-fra19136-FRA
server
cloudflare
x-timer
S1643094498.271303,VS0,VE214
etag
W/"ef5e715e8edc5303224592e859bd4f82e513e48ef6932a25dfb6f389dbaed4a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYDjQuDk%2BZN4NBzQbTl6E%2Fhnx%2BPbd%2FImxDEIGvDCDpD0Zzhy342oM6hYStQXdAfKP59cOgojGyPegD%2B1lTdeBXj5Urz2XkIGU4vTMPC23QoqxZsqGoueVc8YBq6Enx9OisGdCFurg8DYe1pu"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Zc4iwuj.png>; rel="canonical"
access-control-expose-headers
*
email-decode.min.js
nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Mar 2022 12:22:44 GMT
server
cloudflare
etag
W/"622b3f14-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDx3g8m1ScmjK%2BzXXOwagsf0GDumblm7LOZ0lgQ3d8VqI4CdZ%2FmxRQdSpmA%2Fz5%2BkPTKBtoAWAKF%2FsIS3gOrkm%2FGlXsFlJb9M%2BLYmfk3xTbR77oqQlfEXNEOl7yUEm8I%2FPAUjppG5ZNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eb419e9e9f2910d-FRA
vary
Accept-Encoding
expires
Tue, 15 Mar 2022 10:31:39 GMT
rocket-loader.min.js
nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Mar 2022 12:22:44 GMT
server
cloudflare
etag
W/"622b3f14-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FR6AqYgFvHtJ2mEhy9p6oVus%2B8UWseTnCqmtHV3T%2FK0rms3Jw1BI4LSMRsgRyEjjQnonTELZSZ1ci5y4jDG8oudEyorQG7H5e5BHLgVs%2FixZ1gap5%2FJue9PGBQcVO0k8FDkR4js5Tw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eb419e9e9f9910d-FRA
vary
Accept-Encoding
expires
Tue, 15 Mar 2022 10:31:39 GMT
W25b9ht.png
img.nets4.com/img/i.imgur.com/
2 KB
2 KB
Image
General
Full URL
https://img.nets4.com/img/i.imgur.com/W25b9ht.png?w=40&h=40&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4073000
cf-ray
6eb419ea0da89096-FRA
x-cache
HIT, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1574
x-served-by
cache-sea4420-SEA, cache-fra19181-FRA
server
cloudflare
x-timer
S1643094500.716062,VS0,VE220
etag
W/"ee80457266cef4b485c3668cbdd5f67e7ed204e94a46f041afd17fa27c93c945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Drayk4xINOIlFrYGKXOt9nCw4PXaCLT2%2Fvc70MiaogPOQRVk%2FHOBhDmgCYJ0Na2FwAI%2BFRZeGpCpiTnRhA0ATwh9GIyM5B1HO%2BneNFoVfU2G87KDk%2FzOi9d4UhjeI9OdUmzz5V8J7WEmIAQa"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/W25b9ht.png>; rel="canonical"
access-control-expose-headers
*
jesus.co
nets4.com/domain/
15 B
0
Fetch
General
Full URL
https://nets4.com/domain/jesus.co
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nets4.com/domain/jesus.co
ts-request-embed-key
0d910918-0a93-4ea5-8a66-ed7e0a3a6210:06a9ac0e59d9cc591976b5028c47798bab23a5f5e68f8e57dc9e4d402052aeb8
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypqLq2UpmsmFiWQgPNoZl039cEfFe6%2Bk5p4A4CYLbUcKZwRnsPWDLKFI%2Fm638E5dshIaMocnCTYJ9GKoaHWWBBWHDdaCGDKEW6WQmYIb%2B6PTdpPEA5LbE5SAejHBlsV1WYxi1o2YSXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store
cf-ray
6eb419ea1a43910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
leaflet.js
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/
139 KB
36 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4070219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35659
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-22a75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRZkwu3hNqf0SGVUqYJso45CDt84bCaFbdDxB3lG4RDjuz9tt2jbOMvmUbzxqax9sR5fILcWUdyB4sWc5txLOTV6uX9LQ91xNLx%2FnaumX9GEPIo%2BuJ8cCB%2FTFqoYtrr91z9JanXiUNL5fA%2B6awXZ0je3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea19169136-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
agent.js
cdn.purpleads.io/
34 KB
10 KB
Script
General
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-50.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:24:13 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 08:37:50 GMT
server
AmazonS3
age
72447
etag
"0c008aa8cd8d5ae47e2eb77cc10e9a3c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
10377
x-amz-cf-id
CzusthDqG13tZbz01NJeXPbi2dddwTqaq_Y2ILnb75nO5DJnHxzNGg==
sharebutton.js
nets4.com/assets/js/
80 KB
28 KB
Script
General
Full URL
https://nets4.com/assets/js/sharebutton.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3040
cf-polished
origSize=120806
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 03 Jul 2021 07:08:27 GMT
server
cloudflare
etag
W/"60e00ceb-1d7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPXdbsywZKf3Xmk4xwSO%2BbHyUNeifNYnvHgZBocgoW3Wr6gXppYSsSS0URv6Wqit9brytHTlCJXTZcVQEcd6nddAK8DKPIjfOMvrd%2FhyGLXCH2tIdQWtO5ahR1LTLBh2BuVG6fVg9T4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
6eb419ea1a4e910d-FRA
cf-bgj
minify
load.js
cdn.purpleads.io/
24 KB
7 KB
Script
General
Full URL
https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-50.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 17:10:55 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 10:12:20 GMT
server
AmazonS3
age
62448
etag
"46df8e234dd4307137411d6b4887edad"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
6702
x-amz-cf-id
oUoLLKjLtggVGric7MclExj8WLckWgAzRK69mehu70FWYide9hhnNw==
api.js
www.google.com/recaptcha/
850 B
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bafa1db2a6708b6401e11e0b2ac4c5bb6eddf4c25e5a83b7eb391fe42ab34a2f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sun, 13 Mar 2022 10:31:39 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/
62 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
314434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13102
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-332e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWQ60dnAa1L4w9PEN9oaGhkPr2qDC21y6Ws83%2F4VdJnV5LRei%2BSIL8lgyGvHaFFZgk9Ibz25m0UXunnZr08HNvyS8r9ve0vnbIs58br8sNJ%2BF75LY9aSVRmYFjMjiVKcGDjouaxo5NXgrbTEVK%2B%2BoHAB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea39469293-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/
18 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2298984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6107
timing-allow-origin
*
last-modified
Thu, 02 Sep 2021 17:01:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61310375-17db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utTIX%2F%2Feh9tPrC9mln%2FqkmOIsvGJccWhejjObepGmjeLPs3HsgKqFgtqP2OrJbrd9exPmn5leJuVcLLt1N%2FwOIkekTnuRnFyUWjyaCoX4BiOEWUfBeO4sn9UEmJiBcnAHTq328namBC3Wl9weO92pzVM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea39489293-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
307450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ41bALdJidSBgKd0qCBVdsaGdGZBYV%2FigJ9TFSv%2BJJsfp6h49SDtGS94Oz2nuH5gziXQRlYOqKbZzIGLJEuF6taQ%2BYcEwYQ2Uk3wjB7jxMR7nBZdqQK1Mw5gKoGEKW2yasmawsPwrnhq76wmyel2mR3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea394b9293-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
beacon.min.js
static.cloudflareinsights.com/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6eb419ea5aba9b9b-FRA
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1607
date
Sun, 13 Mar 2022 10:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 13 Mar 2022 12:04:52 GMT
s.js
nets4.com/cdn-cgi/zaraz/
4 KB
2 KB
Script
General
Full URL
https://nets4.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySmVzdXMlMjBkb21haW4lMjBzdGF0aXN0aWNzJTIwLSUyMEplc3VzLmNvJTIyJTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZuZXRzNC5jb20lMkZkb21haW4lMkZqZXN1cy5jbyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCU3RA==
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d7e00449ca81f34b0926fe4573ec056a674d959ad42d7fa0ad680e90f27992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://nets4.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB1fe1qMP8udcmFWYwspvYqZ3LUIsi%2Bpwsv1w87bjkAhknF8n8%2FTnjkIQmCL61DPQXQEaKVeFfIVWFonFkanHZ%2FM70BL%2BscGyLv1A7CdRW29COo0fScilKbGh6%2BL3nO1NrD8gBioHa4%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
600
access-control-allow-credentials
true
cf-ray
6eb419ea1a51910d-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1102560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-12bc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uG4z5%2FjAbBplwAqKauM9ykOJhrBYJ99CM54mFBX2lVsL7Jh3lQiLJ7LYG2TxsiIwrfmc%2Bys6VccDLMYGxRPTF4ccqcbcM70dlzzNF3VDv6Fnvhg4Q8OQ9Mp8vVr6AfXt3PNqqzGINpiDcAnKKo5W1xU7"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea29279136-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1105179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DRMgD1GJMmM%2FNTV9Z0S9i6G7QMvUTBc37ac0x3RP2YxWdeoE59kg1ahBW90wCKWDWBOr0qlmI83kToe%2F3EXeAQb39pb8EPt2VOw5nrsd0eCTBDTUgczqBxTGn75pXKGIZlal0kEOCXa4yIcjQOxU56q"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea292a9136-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
pica.js
nets4.com/cdn-cgi/challenge-platform/h/g/scripts/
19 KB
7 KB
Other
General
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04923c5e207caf6c7f88f1e723ee1e7e6e46d701d42ce4dfd45dad4ebd0c78e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2F6Cg2sJEOG81C4lvLt6CsjJLwqcgJmML2%2B25TfMQUkblU5KusZoxN55PwqVSsP362UZOBFGtzYeBMshxAL2m21HkJxot3zTWduinjC%2B6IP8WSXt5RZlMSWlazgJIIVk%2FBBhjJjKE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6eb419ea2a59910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
09e3554b-79a5-4c3c-ae4b-17e78e661589.png
s0.nets4.com/s/
45 KB
46 KB
Image
General
Full URL
https://s0.nets4.com/s/09e3554b-79a5-4c3c-ae4b-17e78e661589.png?w=500
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd767560960de0c7a15970ea3b16451cd57550d82babe95dc4aae0caf38f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46241
x-served-by
cache-sea4448-SEA
timing-allow-origin
*
server
cloudflare
etag
W/"188846c2d030671368a166235dc44fddfc55635373ea892eb143274e819a2432"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU9fczx2FInDnYS8ndEfU5zG0%2B9MWsNU0%2BWALWgVq6kKNKuYglfdXV7kUFpmX3t08G4p7lwdg0Qohcz8dK90c1wniT5mlXD9aSafzdUZhgq1Mm9cXTqt6L7YNj2zbG76AOqFl5WGzi%2BLyjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6eb419ea7e359096-FRA
link
<https://urlscan.io/screenshots/09e3554b-79a5-4c3c-ae4b-17e78e661589.png>; rel="canonical"
access-control-expose-headers
*
jesus.co
img.nets4.com/favs/
1 KB
2 KB
Image
General
Full URL
https://img.nets4.com/favs/jesus.co?size=32
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47693176093dad0dfafc4a0b1ab372a994818e9690a7ed0219c3ef021128d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1135
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 10:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlUgyF8cTwIq9ZeEVsXoY4o9HXYXkp96shZcY%2FGgtTxIFTER%2FbE5TbOIt6UTA%2FwBYc%2FBJpaJjloUtQBPyzJwGOCLb5kkWpxnVoFMRKH%2B%2FcQZx882V5g%2BNIqJfgC%2FMw5tWOGW%2FTaIhZtEgzC1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea6ab5910d-FRA
jesus.co
img.nets4.com/favs/
481 B
1012 B
Image
General
Full URL
https://img.nets4.com/favs/jesus.co?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e4554aebd04601666c4f5f429267fd7518ba1f7658c0f66450fc79aa12c1908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
481
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 10:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70itB0bpWCox8Km%2B57vqqhEttts%2BKeGL0G%2B79Lhle3wT5OmdtUh6K0ext2fm0qOnWIEJTmqeqdezjX5k%2BVrShIlKRcphqjOCrlmqQQGt%2FhoKi9hqeCyxcNSvVHnwIYosiDZME5APCYx8CgW1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea6aba910d-FRA
jesus.com
img.nets4.com/favs/
70 B
599 B
Image
General
Full URL
https://img.nets4.com/favs/jesus.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 10:31:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aYZh8%2BHaVjYE4wrWS%2Fa4u3HxagpZzxJBJpbDVDMI0Aal7G46j8EmN1xm96%2BxcBWzx59ecTy%2B3OKJgEgwJJeXCq2gzMaZNWbE1UtUiQzJ2HawDoSAYAvYayyFqrhMraYD04lUKc6E8obi5pp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea6abb910d-FRA
jesus.in
img.nets4.com/favs/
381 B
914 B
Image
General
Full URL
https://img.nets4.com/favs/jesus.in?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
192fba245c012468da2443940a99f9ca13257f2a57f1932d5736c318e8a92d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
381
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 10:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVcTav2uKPbwHTo5MB067%2BqSNPr3ZFQ%2BFEfCpm%2FCcNSrECWycTe3U2YHJSVoh8iuv2PGfPYDY43aXpKzanOmvBvSIR0RMgigABuFs%2BC8aJJh9nfMic9UrIMM7R2r%2Be%2FzsOjZ4Mj5jfljbLos"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea6abc910d-FRA
backlinks-discovery-chart
s0.nets4.com/charts/
31 KB
31 KB
Image
General
Full URL
https://s0.nets4.com/charts/backlinks-discovery-chart?d=jesus.co&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b4d5e67f4e69cce189da35aec15fd98da62b25d00e3b37f9a51a0facbee9bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31622
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIRJ83iD4uc6JcpEa0W%2F7QDHa5yXUpz9F%2FcBlOM8sN42N32GROfYvQ5ooKJsMj44SrLSwUvbtr0ze122OUYMJWV8i5eRHDiz46OAiwjk37lMdaJnJQOGGoIOeF9%2B4mWaCTH%2BTsbAQCz77nA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6eb419ea7e349096-FRA
expires
Sun, 20 Mar 2022 10:31:40 GMT
referring-domains-discovery
s0.nets4.com/charts/
31 KB
33 KB
Image
General
Full URL
https://s0.nets4.com/charts/referring-domains-discovery?d=jesus.co&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4480fa1b105970ac52f944596b9ce6c6ab0adf0790e84511b66f93ed471cf480
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31926
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbN4p2FGmN2U%2FeuxO5p9RxlyB3XktB6Dk7vLyTXM0x5C8st55sdxlcjcpQE7rmdK7PDS83K0FLJmkLScx60MOBKyoTbl8cgECsLW44qgvqscy5B3AlYETQmcU2i9P085GktbT7era49LT5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6eb419ea7e309096-FRA
expires
Sun, 20 Mar 2022 10:31:40 GMT
megagames.com
img.nets4.com/favs/
535 B
1 KB
Image
General
Full URL
https://img.nets4.com/favs/megagames.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd05ef9807b98a27b9e65f2b5ba48ed0f3924630b80d1361aac1eaef3976072c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5364
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
535
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 09:02:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWFwWXev2d3YUsg2oiVgOKlzgNa36anax%2BkPVuzk8%2F7gvxLJ0Xv8SfPZjUj28mx6WtJxvFizoCUPpt7dgI5HZ%2FY%2F2S6kr75VEswtMz%2F3WF15dpRCKDxBYosDHAZJKLRp4PZ0DKq5S2dCuf6f"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac3910d-FRA
heatherriggleman.com
img.nets4.com/favs/
818 B
1 KB
Image
General
Full URL
https://img.nets4.com/favs/heatherriggleman.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1f2d2e5202f3a1baa8751d93b62cb65f8ea0f5b16d64d78a00b4eff91f9091c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
818
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 07:52:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvra1ji3%2B0ruzfA9Pk258pY1KuhdtJ7jsVPW5OgOTP1PEM%2Bd0ZFK7l4wq0%2Bj6ltphq9E%2B%2FsKkj6FxJlrPWbG%2Bj73r%2Bjh1nZU3NICWVs2O099yGkicC04TisFkIDftFmaA87u3fPzzjlCMOmH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac4910d-FRA
yacy.net
img.nets4.com/favs/
698 B
1 KB
Image
General
Full URL
https://img.nets4.com/favs/yacy.net?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce9c974eddd008645e638d66c7029179ae19c8b271365d4501e82e6e9d54c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17998
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
698
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:31:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB6gRDns2x%2FatkVGxMB1Uk7EFBZlf1bDF47Qd8DLz%2BtNmX23aergYJWlzBpXh2rrl%2BiRjS3VdSBtWAsb8VJkvje%2FDhtmkD6oDL7sW5vsowz2ZFSVpQ7ecctNi3vuzaSQMKuhwj%2FeFNRRm1tN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac6910d-FRA
founderpass.com
img.nets4.com/favs/
425 B
968 B
Image
General
Full URL
https://img.nets4.com/favs/founderpass.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20db37b0415137d094d2f4b92c2db53064084af00af9638521af4a60e3202b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17999
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
425
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM8PUbyNDQrV1KsvZ4i8szAfWhWAHHhvKog8A%2BV%2B2LX6Xc4vjPvaUuWJT2jX%2FVkn%2BS2MpAjTXsyI9dAhXqbErkw5%2FmFJ2t4%2FDyWKqW6%2FBE3vcA%2F7YtsfFODPegWqJ6Ee6MiWPWfIzp96YyRk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac7910d-FRA
powtoon.com
img.nets4.com/favs/
722 B
1 KB
Image
General
Full URL
https://img.nets4.com/favs/powtoon.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b84531c5dc764af9161a56997edf9b4c67e661d9108c6d346ca6944c10716d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17998
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
722
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:31:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSBC1PpP3g0crGkZ9geJZ%2Bq4d8tdn4IQfQREL9gBciV7Qq3lmR361GLBc0JlpQWfHWFBY%2B%2FRsvYU%2FNsMhFM%2BfBzjyDlQuvkAAai040rko8C6BAOSuUZPuM835%2BwHVqc1YCrHf3bFryG3blMu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac9910d-FRA
batterybarpro.com
img.nets4.com/favs/
349 B
886 B
Image
General
Full URL
https://img.nets4.com/favs/batterybarpro.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42209466a0cee1f96840538c1199f541720c02d34fa7f6cf499019a2b22a477f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
349
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:07:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzjM07M2cTVG%2BYoYLQF30bniQLi7l5w417W02gNTrqz9k47QIFZpABJ8sgtS6PYdUpBkkDqm3G3MGandIYXAqkkif%2Bl0lgWDCyt%2FzDxUapAvUhy5CpChwF%2FaMv07Z4mXUVyB%2Botp99NBGp1G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7acb910d-FRA
remotists.com
img.nets4.com/favs/
70 B
604 B
Image
General
Full URL
https://img.nets4.com/favs/remotists.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:07:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gjo65QsBERJzxnTJjQ8EXNwoNU4M2RKc2MEd1cMU5jLim7NMUNeGxTvIZudK8O4%2BNaYmtTbrp3B2DHTXqOsir9nsE5ilahNOmHv9tAAtJoEFbAzAVmo3f%2Bv0h%2Bdrx%2FCffzCaS2hsrXif9pAj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7acd910d-FRA
wildapricot.com
img.nets4.com/favs/
457 B
996 B
Image
General
Full URL
https://img.nets4.com/favs/wildapricot.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96caee1cf100b342e61f134b36c0673d6a1d5bf9eecbc302f3a32de281b8163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
457
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:07:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHQdQZbh8uaUGeuQ%2Fsx5DjXOYpf1OHLM8uSuSwilcTRUidJj3obmJ1rIC5IsnlZHqpwmh%2F7Y3MmcHIfj9yhC%2F%2BxVL%2BljVlx0g0MytN8smkrbZ1H%2BhkaTmWr7kStEiNyMSxk7HKEH8AsdkaAD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ad0910d-FRA
calendly.com
img.nets4.com/favs/
492 B
1 KB
Image
General
Full URL
https://img.nets4.com/favs/calendly.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc96ff8709fb90541d88f19f338e82407556aeb4719befe3a637c53955bfe6cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
492
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 04:58:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpvKmr2ii4eAivyzu5F7Zfth2OqR2Z97BKBoxgCJrzfDgUiLWa1xhrpZCxSgxAQg1ABekPEdjTkhWKf60zqDvCoBai1klQAGzrnvZ0yGMCiKYf7IbEvnAExsv1vLWCQzmxosVB%2Fgq%2FnxOsMD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ad1910d-FRA
maps.me
img.nets4.com/favs/
449 B
990 B
Image
General
Full URL
https://img.nets4.com/favs/maps.me?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb70b777e2e28b115fb3154f38891a6fd251dec72c0173c79c97df3f32a897a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
449
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 04:58:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJcnlh%2Bg2g1HxZpAe85ynNRMaS9TySwEQLJd7OBaNH%2FuCU0bcBmkHyh%2BplrUsVAC9oI05yqUcE88pSN%2F2pNd2ozMCAQ7jxp%2FPOTv5pPDSXjKJkhQZGBLPzKZ7R7Sqs%2FYlfao9HUpUng%2FsMTW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ad2910d-FRA
550j6zn5gn
www.clarity.ms/tag/
682 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/550j6zn5gn
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1425 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
096cfb56ab0d5ca611f0511fb95e8451322f44a0b9c2514eee76869c267d206d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-powered-by
ASP.NET
x-azure-ref
0DMgtYgAAAABKV20MkjRSRK7zTmwtlpTHTUlMMzBFREdFMDUwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
content-length
682
expires
-1
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1099023220&t=pageview&_s=1&dl=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&ul=en-us&de=UTF-8&dt=Jesus%20domain%20statistics%20-%20Jesus.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=238315253&gjid=2075921767&cid=1312843398.1647167500&tid=UA-123511935-10&_gid=901498445.1647167500&_r=1&_slc=1&z=263731832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nets4.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
6eb419e37d629096
nets4.com/cdn-cgi/challenge-platform/h/g/cv/result/
2 B
689 B
XHR
General
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/cv/result/6eb419e37d629096
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1647165600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://nets4.com/domain/jesus.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6eb419ec6d83910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LluNIUcI2nFNSDR3uLp8G%2FO%2B2Kqa1%2BrPceuFpzlvMbCKBTrFnHTL%2FQlEyvftj2CNP5Iu9Y%2BP27m1g6shXwQKep7jdpf%2BwIadVK7OeaChS7f9N5MUXq7KLtMEB0zjbsgSr7z5NoTaOU%3D"}],"group":"cf-nel","max_age":604800}
clarity.js
h.clarity.ms/s/0.6.32/
53 KB
23 KB
Script
General
Full URL
https://h.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/550j6zn5gn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
etag
"1d8314040aa9e90"
last-modified
Sun, 06 Mar 2022 09:55:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
/
api.purpleads.io/x/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/?ts=1647167500682
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
1ea95ab1-22d5-4ff4-8c00-04677b013d4b
/
api.purpleads.io/x/
4 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/?ts=1647167500682
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
24dbcced82a1b52b704d4353e10b04602cba0ad3ae83112b7d3520dc7a5df0c4

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"11a8-f3kVFqQgsfGq66cS1HtWQfLb9hQ"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
51a825cf-c9f4-433e-90e3-6c0f7be5e970
agent.js
cdn.purpleads.io/
34 KB
10 KB
Script
General
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-50.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:24:13 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 08:37:50 GMT
server
AmazonS3
age
72448
etag
"0c008aa8cd8d5ae47e2eb77cc10e9a3c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
10377
x-amz-cf-id
bE3YPN78sD3HUTCsR7JkILqINgcpBH9UZ6O8-pwkDwwOmXEQnkHq6g==
sm.22.html
static.addtoany.com/menu/ Frame 01E8
278 B
650 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.22.html
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-type
text/html; charset=utf-8
via
e3s
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified
Tue, 28 Sep 2021 21:02:23 GMT
etag
W/"116-5cd1487afaaea"
cache-control
max-age=315360000, immutable
vary
Accept-Encoding
cf-cache-status
HIT
age
1416498
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6eb419ef988f698b-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
init
api.purpleads.io/x/
68 B
358 B
Fetch
General
Full URL
https://api.purpleads.io/x/init?ts=1647167500710
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
etag
W/"44-Pm5SJt3t2KI5gMvsRd3GV+dxT2U"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
content-length
68
x-request-id
6a9cc782-90df-46d7-a222-6d498ea54367
init
api.purpleads.io/x/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/init?ts=1647167500710
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
17db7ba9-7130-41b3-9da6-1d40162c291e
marker-icon.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/
1 KB
2 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-icon.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1340910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1470
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-5ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=croTQvFM%2FnSX4sj%2FDPqAbwbuW5c3fndXuGOMAGEylZfkeDhflWsLlv%2BC7jTjRz30PCEiBf8t185vd8K7cWtIDtwUOZe2%2BlAShQIQsXZwG33qCXyLCpIAo7FeGQ66lnzlhzKhsRDK9EB3rFKeCRmPPeoW"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ef98d09293-FRA
expires
Fri, 03 Mar 2023 10:31:40 GMT
2.png
a.tile.openstreetmap.org/3/1/
8 KB
9 KB
Image
General
Full URL
https://a.tile.openstreetmap.org/3/1/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"cb5643e63f3bc4f3e5c38d2017293c13"
age
175656
x-cache
HIT
x-cache-hits
126
content-length
8528
x-served-by
cache-hhn4041-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780479,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=45476, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Tue, 01 Mar 2022 16:00:16 GMT
2.png
b.tile.openstreetmap.org/3/2/
11 KB
11 KB
Image
General
Full URL
https://b.tile.openstreetmap.org/3/2/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c7b1ee252c1accd2fea964a71de354de"
age
201334
x-cache
HIT
x-cache-hits
1377
content-length
11092
x-served-by
cache-hhn4070-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780898,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=181862, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Fri, 11 Mar 2022 02:36:05 GMT
3.png
b.tile.openstreetmap.org/3/1/
4 KB
4 KB
Image
General
Full URL
https://b.tile.openstreetmap.org/3/1/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"bc52a0f704ebee39a8cb5a58715363ce"
age
16213
x-cache
HIT
x-cache-hits
70
content-length
3910
x-served-by
cache-hhn4070-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780990,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=178270, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Thu, 10 Mar 2022 21:05:46 GMT
3.png
c.tile.openstreetmap.org/3/2/
5 KB
6 KB
Image
General
Full URL
https://c.tile.openstreetmap.org/3/2/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"7c25652ac6639939d717ee7de6a8d342"
age
196554
x-cache
HIT
x-cache-hits
2665
content-length
5621
x-served-by
cache-hhn4046-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780373,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=42212, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Tue, 01 Mar 2022 13:29:14 GMT
2.png
c.tile.openstreetmap.org/3/0/
5 KB
5 KB
Image
General
Full URL
https://c.tile.openstreetmap.org/3/0/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"a97b0ae3a1c931b59d9503c0fb773d21"
age
114426
x-cache
HIT
x-cache-hits
17
content-length
4699
x-served-by
cache-hhn4046-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780441,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=164739, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Wed, 09 Mar 2022 22:22:36 GMT
2.png
c.tile.openstreetmap.org/3/3/
5 KB
5 KB
Image
General
Full URL
https://c.tile.openstreetmap.org/3/3/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"9a69d3f3c4dff9f5588aaa850c1c6140"
age
146453
x-cache
HIT
x-cache-hits
2327
content-length
4828
x-served-by
cache-hhn4046-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780499,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=87076, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sat, 05 Mar 2022 00:55:16 GMT
3.png
a.tile.openstreetmap.org/3/0/
249 B
441 B
Image
General
Full URL
https://a.tile.openstreetmap.org/3/0/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"07a14efdf923d78dad7320032b8d412c"
age
92240
x-cache
HIT
x-cache-hits
12
content-length
249
x-served-by
cache-hhn4041-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780546,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=168048, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Thu, 10 Mar 2022 02:25:44 GMT
3.png
a.tile.openstreetmap.org/3/3/
5 KB
5 KB
Image
General
Full URL
https://a.tile.openstreetmap.org/3/3/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c947e22ac6e5f0475ad3445622a32d51"
age
69144
x-cache
HIT
x-cache-hits
1371
content-length
4834
x-served-by
cache-hhn4041-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780593,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=15307, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 28 Feb 2022 00:30:56 GMT
marker-shadow.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/
618 B
1 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-shadow.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3337151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
622
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-26a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fM47O3KwTOdMmQycRxvH7hE8HT9hGi70RwJR%2FoMPoo1LxoshmQuUt7JTcgL%2B7XuL%2B6X6gse7hCt%2FS%2F25B03HNs9xv%2BDwMtET2Nrx2ZufdF8vnG5vbIHhBG4iF5XsbrFjpsYAldIghPJmxIch9UER6kSH"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419efa8f19293-FRA
expires
Fri, 03 Mar 2023 10:31:40 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&RedC=c.clarity.ms&MXFR=36FD174B6F6A620C24C2062D6B6A6CBA
  • https://c.clarity.ms/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&MUID=003CA7597F3E6ED90046B63F7E556F47
42 B
392 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&MUID=003CA7597F3E6ED90046B63F7E556F47
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7C67A758CA2F4E0DACCB47AAE1582238 Ref B: FRAEDGE1406 Ref C: 2022-03-13T10:31:42Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&MUID=003CA7597F3E6ED90046B63F7E556F47
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
icons.29.svg.js
static.addtoany.com/menu/svg/
78 KB
33 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
1417489
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
6eb419efb8a7698b-FRA
cf-bgj
minify
recaptcha__de.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/
360 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145081
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 10:17:35 GMT
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
6eb419efef4c5bed-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/
0
77 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6eb419efff5d5bed-FRA
vary
Origin
collect
h.clarity.ms/
0
88 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=26c809a2-a8dd-4b1d-a7b7-5d81902b7646&ts=1647167500923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
830f9c2d-d64a-4905-ae78-072ab3710d23
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=66918125-e889-4222-8a97-cbd6848d5ebd&ts=1647167500924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
fde4c2f4-285c-4aac-b3c9-11bf04b2b652
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=223cbcb8-9229-4726-8809-4049ba965c09&ts=1647167500924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
ca81c42f-f653-41d4-997a-bb16fa2cd1ce
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=5cb4c655-173a-4127-966c-54ba12b5a8cd&ts=1647167500924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
980c2135-4b8b-4d36-84f3-809e7cbe6402
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&ts=1647167500924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
eb3c19f4-38f1-4c42-918a-499a6557914d
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=26c809a2-a8dd-4b1d-a7b7-5d81902b7646&ts=1647167500923
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
146bdc3c0d9ffce08f611fd426c9f5a6d9d003c7aac7008064f5a41664f9f46a

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"2407-BEJj0yKJdtg1/zr7oDf94L9ci7E"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
aab4f66a-b422-4c23-a88b-bdaacc34ef3d
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=66918125-e889-4222-8a97-cbd6848d5ebd&ts=1647167500924
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
94bd10db36c3bc5c0bf38ffc55585c96abcc31f8e9957ed6e0c87c9c5dd42f77

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"2357-qseuVsLGoTbfYVjeKLgPD9TPQ00"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
6b582616-7423-4380-bf65-08c493cf1baf
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=223cbcb8-9229-4726-8809-4049ba965c09&ts=1647167500924
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
539f15bad34896844475a238302138e3ae85c29209532264254bdc28daaa3edb

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"2407-9dK4jVDsgh9kAyYvk6zvSgaMymM"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
e23e3e79-d46b-4316-91a8-974faccbde87
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=5cb4c655-173a-4127-966c-54ba12b5a8cd&ts=1647167500924
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
d9a9a19991050ee3bc32c91ed4df32051a445d9175f6fa45228d123ce0b42ecf

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"2407-KMekaAHH0gMdQQhJZKRBxAGAHlc"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
030279b9-8f71-491f-bf4c-7a09eccfb8ef
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&ts=1647167500924
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
7d851fa6f8a004b6b8929316ffecb82459ac179ad247192431c7279dd600c39e

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"23f6-uV2IXEL8ulMk1rREVaf9EekAMRQ"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
707e6a34-8946-498b-a0ec-d0a17e49cd71
anchor
www.google.com/recaptcha/api2/ Frame 02A1
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d8e0bf009dc4593891079ba62a08eb9e8fc165dd367158823e41facbf0494cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jmNp7dEw1L3N9b7VxFNpvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 13 Mar 2022 10:31:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-jmNp7dEw1L3N9b7VxFNpvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22821
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 02A1
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 08:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 08:30:49 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 02A1
360 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145081
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 10:17:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5A6B
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
a60406d427e511fb8b6f6a483e4b6f028101e150ed2447d38d5d98418afcb466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27747
x-xss-protection
0
server
sffe
etag
"1157 / 110 of 1000 / last-modified: 1647040337"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 02A1
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f98ff8ab059bdef9ea7fe9165a4e74fce15166abdbb8dd25307b7b7d9ac26ddd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 13 Mar 2022 10:31:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CACD
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 123 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 468F
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
aaac48be454622fb624348d4cd72ff1983d195ed341e39f25655bf181eb2e44a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27718
x-xss-protection
0
server
sffe
etag
"1157 / 34 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D687
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
36ae7cd197f222a180957b29c08cdc6440561a9fae3aeeb757ec42a63d90d972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 730 of 1000 / last-modified: 1647040337"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
bframe
www.google.com/recaptcha/api2/ Frame 1229
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a3656cc3dc3ed53e485cf84e47918685e694198f3f97f06f16533e6d86b04ce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i32xE7gPs2br6+kxLGP0Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 13 Mar 2022 10:31:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-i32xE7gPs2br6+kxLGP0Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1110
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5FB7
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 338 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
pubads_impl_2022030201.js
securepubads.g.doubleclick.net/gpt/ Frame 5A6B
364 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124504
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 09:35:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Mar 2023 22:37:44 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 1229
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 08:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 08:30:49 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 1229
360 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145081
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 10:17:35 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame CACD
358 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame D687
358 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 09:32:53 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame 468F
358 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame 5FB7
358 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
integrator.js
adservice.google.de/adsid/ Frame D687
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D687
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D687
17 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3329168481610479&correlator=893384276801030&eid=31064905%2C31065603%2C44742767&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501808&dlt=1647167501438&idt=352&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=5111&ucis=ci1p6cig65k2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=172075573&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a9765a17e251c504631928177f8caac5462c7f105aef5b2385ea96fe591d6818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9264
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D687
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f44df6024871e07a9dce8999ff5aa6292613928aee3600d398384cabea67095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10656
x-xss-protection
0
container.html
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D633
6 KB
4 KB
Document
General
Full URL
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:41 GMT
expires
Mon, 13 Mar 2023 10:31:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
h.clarity.ms/
0
48 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:41 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
integrator.js
adservice.google.de/adsid/ Frame CACD
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CACD
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CACD
443 B
279 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3627229347754885&correlator=874696154354001&eid=31065485%2C31065516%2C44756894&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=113378651&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501859&dlt=1647167501424&idt=415&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1148&adys=1298&ucis=7cbfn9exs5vh&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1009852716&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2edfb8e5a246cc2bcf5bc25c9f7cf90ea68ab2d8e555869908ca750b8c4a1f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CACD
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51d1824c15484bf9e5f7eaecda2f6fcd87ac497425e14e21b36daa2bab07279c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10583
x-xss-protection
0
container.html
5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5EFA
6 KB
4 KB
Document
General
Full URL
https://5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 5A6B
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5A6B
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5A6B
65 KB
32 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=419646701581709&correlator=2932053358579709&output=ldjh&impl=fif&eid=31063377%2C31065568%2C31061166%2C44758226%2C44758229&vrg=2022030201&ptt=17&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&eri=4&cookie_enabled=1&abxe=1&dt=1647167501897&dlt=1647167501334&idt=543&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=507&ucis=f6d8vq4vai1i&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1408672909&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
868599f683532d79366bfe9d89e2071bccf655ad0e67a2ca9b379c03ffb3a5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32339
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5A6B
13 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e7a58fa4a0eb39a6258df9ea0ea084c7d77a0ccf52caa03ffcac50d27f2e52b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10453
x-xss-protection
0
container.html
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C58
6 KB
4 KB
Document
General
Full URL
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 468F
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 468F
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 468F
0
9 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3217454138234025&correlator=3531863666794276&wbsu=3aa1f46f-90ab-4faa-ba6c-fa63efefa45a&callback=googletag.wbn1&eid=31064926%2C31065293%2C31060545%2C31065455%2C31064624&output=wbn&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501926&dlt=1647167501430&idt=480&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=2045&ucis=fkokrfwtenuq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1310200072&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9663
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
application/webbundle
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:3aa1f46f-90ab-4faa-ba6c-fa63efefa45a
/ Frame 468F
536 B
662 B
Script
General
Full URL
urn:uuid:3aa1f46f-90ab-4faa-ba6c-fa63efefa45a
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d64a80887c78bdcf8f7e98331022b155ce3ec4eb75e254e1d15a15663e80192e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 468F
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a03908890ad86d977ed3c126f30724071c8729279c7a47d052f6743159f5e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10616
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 5FB7
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5FB7
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5FB7
518 B
300 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762645860729642&correlator=478237823039900&eid=31065294%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fifs&sc=1&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=471609500&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501962&dlt=1647167501522&idt=421&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=1350&ucis=hcagfcrjyb07&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1134687092&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d2b59825f8e99fb2dc98d6be2a590fea1d87ddf24d33acc0ceefedbf4b760ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5FB7
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5140090ecc6779cabe638c5e55c8235006b86f1bcab23d89abcf02e163ad3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10500
x-xss-protection
0
container.html
540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7F5
6 KB
3 KB
Document
General
Full URL
https://540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5A6B
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CACD
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D687
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 468F
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5FB7
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&demand=adipolo&ts=1647167502111
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
d85aa20f051e49b97778c825c881639067f6f5fe70965391cc5098977c6df79f

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
etag
W/"2346-Ei5EVDkKKqpHHt8YyL7Yt/rz9nk"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
74fe0906-d6ec-420c-81dd-04eaba03f779
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&demand=adipolo&ts=1647167502111
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
2b9ff7d6-526a-471d-b926-f209e514bf1e
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0FB
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0631
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eff717678e5e48fe42ffb6ce1ab2ff63d78a07a6c31eeaaeb8232267469f9a57
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TKD6qEcAndZ3/exa1Bu+ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TKD6qEcAndZ3/exa1Bu+ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E3CF
6 KB
3 KB
Document
General
Full URL
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:41 GMT
expires
Mon, 13 Mar 2023 10:31:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/c68ad8882c371603468bb7e8ca90f696:667ba4fd0b77dc2a80313604e2f0ca10fd6816875a17ca74bb4b544359aac0bd25fa8b4b2fe71025fa16343682577240d789899b335a53ae9a20374abd0c52ecf68cfff05916e37... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/c68ad8882c371603468bb7e8ca90f696:667ba4fd0b77dc2a80313604e2f0ca10fd6816875a17ca74bb4b544359aac0bd25fa8b4b2fe71025fa16343682577240d789899b335a53ae9a20374abd0c52ecf68cfff05916e3735a1110e8b2dcab927266c889cf898c359dbe780e03facf6eff593747945ef552ab05585535965148bac7a87b352f2a5515bafe3ee565ec099738b7c8f0f5c83b983daceeb4a14a79/i?id=030279b9-8f71-491f-bf4c-7a09eccfb8ef&ts=1647167502164
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
96333956-1c19-4111-908d-b1061fe3f693
i
api.purpleads.io/x/a/c68ad8882c371603468bb7e8ca90f696:667ba4fd0b77dc2a80313604e2f0ca10fd6816875a17ca74bb4b544359aac0bd25fa8b4b2fe71025fa16343682577240d789899b335a53ae9a20374abd0c52ecf68cfff05916e37...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/c68ad8882c371603468bb7e8ca90f696:667ba4fd0b77dc2a80313604e2f0ca10fd6816875a17ca74bb4b544359aac0bd25fa8b4b2fe71025fa16343682577240d789899b335a53ae9a20374abd0c52ecf68cfff05916e3735a1110e8b2dcab927266c889cf898c359dbe780e03facf6eff593747945ef552ab05585535965148bac7a87b352f2a5515bafe3ee565ec099738b7c8f0f5c83b983daceeb4a14a79/i?id=030279b9-8f71-491f-bf4c-7a09eccfb8ef&ts=1647167502164
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
28aa6e23-7a35-46f1-b249-43a5f5434660
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 61D8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 50E7
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1ebd9ef5e1ff89780334c05eec1b416c72578ff66d763166ef65a82f4791d0cb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C4/qKZORfNyTzc3GJ8hQoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-C4/qKZORfNyTzc3GJ8hQoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 95A1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C11D
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9b91a220e9397e5c490918cd2d49dd3db349e276ee15c824f89d6c9a554ecf66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X3BqCSMVPDswfhhULeuhLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-X3BqCSMVPDswfhhULeuhLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF51
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1805
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
144a80a98d18cf0f7f84176d9ccac08f200db3dc231b281862cffe3803cf49df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LZva2igwDV27IKUDVvvC1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LZva2igwDV27IKUDVvvC1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A14
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2A2F
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa5a146917b566cc193446e536691259f7ef5506fb99fe5f17937a23b2e6d3c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BsauJpiN6vR24oCqnlurMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-BsauJpiN6vR24oCqnlurMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 0631
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030201&jk=419646701581709&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame 63D5
624 B
973 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 13 Mar 2022 10:31:42 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E3CF
27 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-HElDJlwRxJokT4y-zrYt-PFAZ0AOIPrgBOeVCkui8zjyRtHYPa6_Lg6LlwqY4Mv2IOJO6NSIGHqCaChm_g4BdDHCyMTli5DUGG3_pm_uBUBPZANgPP7Ma-Y9XDSWDmnbEh4OvS8jhG7d2BJ0RKD6FJ5mOQ&cry=1&dbm_d=AKAmf-BciCc_F4f0YBf7P6q94xeesUp3uBhFuHJRNNU0ngpZ6dewiG5D6BYdhFfZsAiiDdvEmPnFCvkcykPTz348mbXQONflC72wKPS0H9T5E6dzXZPKKuTtPJjhANs6eM6s5zI07NOUrAkdqRPlzc1Tz6dqFAh3Up6gDXe-wCcpvaNoUIjrZjeUWSS9Jgl5LWuVXY0l5ZAeeI291uPkn7ZiaQEOpUZ_8gBPlIaIXJ-CQBZvNc0Pz2wF2zEnnGBI0VtuSYqmhCfnOY8mI_CvU4RDfd-eIdAZGQEGVJG6l8pmc5N5yJKC2YlIq7aokvx01JPmSAjtkKmm-gGBdYaiUuoObXs94PQTdMAaSxV_ufO8-RBcolfTbH2AlclKnoeuybecc7qqSnRSg46zVENG_vmXVboOHrJFWbCLz9joAQldLKBujwLwCIpwtJhSOd5Oig88mSUEPpbanbZfNnDf68TQsm2_94oVjgGxBgmAd9BjaLxUyadyMLyQTuLhrl17EGatH9f8GhCBew-_sx5KAhUxrtSyUZQv1h5hlU3QzbiaOIcmjMEdVLCgTanlLtjC4mPbDusIuY1U0ephVeDvWcj2xSrqdv8ZjF0qREzr-4fMSuYDKyo8CZ3bmUw9bVf7B_edMLX4sYe12W8VovwY9jcf2k4ZmXNbzYyJsUk1r9XdLK01ociBujaEiM0K2G1XxH8DcusrI7A1mJz-e9Uz-d8NbBLyGXotYpjazSi-5x6z2pe_zZMLRZRcHg4rHP58vgpLnQ8W3lXeAvnZymkNrKSbDX1qcSCSJR7Ioo79rVC4Z8S3ZdN4EAHc9lTlnOI1DrDv3hwXhqei3SDWAkFqbtg3AP5KpytieiZnFOFYUr75_ozhNXwCYUk1dSZgFqq96Kpy8KbpsoXf5vvWCQYnsQvhbvOLwZiAAejNj6n72ghDrnIH6PPSk9em2ReyA5TOx3YDWl-pOSNJ3eZOiFht4IPs_3t86W85FSqiennfOYbJ495Ke8IXYqFQO2diTJ6s67_pK-gqObjlBm8bnr3ESVYdezic9fTpZvwpXNbieABRKdO1FnC1cics943pLQtpk6P2KD40ji1EKUKcHH0EXqrA-5KWYH7RNn1ssXysVpE1PXRKJvyoWMAwBFdGkCnuGCnwtpzd-09BQ2mwh1Y78-efAd55lvD8adJO9crTghIgnOH75kX2kUQWKK9OX1BL4F0V-Ko5rP3KjINS12k9MraKNSXq5sKf9KT4QyYBHi1EqXkAphc3lEH2cVMLlZq__zdnoQIsnB2LnOHQTLZWZ7uuUwwiIsQndsPkqNqNfcmagAg881x7qvs_8MT0aprbiLHdkunjtYEtPS3A4AWoH5Y-CK2GsESdN7lE_k7Ywe7JxYjTg7iDmnfQ6s4LY-ksGJ5s7Hga7MC5NskKXoTeIkZ_gcQMEoD1pL0syz-zJdySM8aRbSUQ4MPvDLgtDzGcfXjT2n81f2TAXzjD_7g_18Hm9liE4y231zApnI1_cS8RZ2SOkWq23cJnqD41HWaPrudeblr6EURJxTKYjwZ-PvT0xIjrKtPY4fxDQokMqMmBNOircBexnR9sH2t3rAfCQ0wO0OW2FuVfO-umzHN9USZiS-qTq1uo8TuPPjZIaZ6KQ3x-n6iv087FfEFyRyOrdL1rn1iuTM4tf5Rzyi7iVKtZSZI186GQ4fEPiaz_n9hh4kExKIYrOjbn-f2nzMh2Ep7Q7wUiPaALtxsaGvI0s16uvvX5VWqziEK0AMA27Os7FOHx9UC_ak_Fq7xRCJ5FFUoba-xhdEjPar8Bb0V0AgXOESR4OVMPNyqBFhg4m4ZtCGoztPgyeMgWlcv39J0S4cG9nO-t1VSyb2Zfk_kSN3n7KKz2XGqwTEGdTlxEDKl5trdh-Vktv3gYUBLuh2wjfrhV5DZfSbolWGvrmflQf9hJe7UTjUDpMes7NSLCHLMBz34e5fh2DudSP5btbLawEHEHfcOTRKUPrlm8jI2VCQTLa7hqDkdvgCJW__dtVUMP3bzz3aJiqWrXzzHo4-Vth24IOPAlOKmY6jCHooZSk5_J6JO-8qskRSo0S1vbhRhWYrRJ1JwRJ4Gwh7NWbzqDOPoZ6RJqTFA4myNxXuKErgq3Ye0Jz_sDqaJ6cVJsxDzKv6esaGWycmFBps8LVPFLifW2P4kbT-W8LVAPKhY0iQcIzOZuUVctSTJVdR6O-ZxtlhAVLZyQ8onWtSNYlD1TyAFnNgZhjn4PT0B-1caCVZ_MHVQGfekiXIZ8PH5pGJYH9h5BP3jKtulXdOmWacgqBVjPFcgxKNjueZFj9g5ciBgOsqh6o_e8qbnMO4TElszIlmupCdP1DmDJXI0DaEVOu5s4J7ywm7NLbscS7k7aDvEnX959g_peEaozwgtk1MNcdYSkPdYtD9NkLW2owTBJNCIP8ps8R6FTYYR4qMbArSp6HkFirYSX4AsZW5Y6DzPCbIFqsjh5oG6A8DpIyzv4Mah8G89YkOuRMDbF68fChCqq3qyTv5m7E--ksytbaWHlrt7VAIKiGRzwZux6vm3KhyL0tLFY5hmXUIuTLjK-AoHyqcRF27FZaWmL_NYo-SsLb82bNmKQoHuc12XVn-wPyIoR3CncpxocnNZMl2s_4M_Yeu2Pvl-UIzcGIda6tLPdChwZkxWO5p4q0jAIqEY2kw6I4FqNilJGbATZ0TyXgTRgUWtyPCxx0nQF33W3MSg4cIrNn4dm8Kurt3JYmPgFkogyuVQmNYqulHtn984XhXmPXr5b_SP9-mTV0_dxBPY_NdH46DnmCZUExu59GLOeCVkFD6hBp34kquwoNACROk4l67cNkp2VX-tTrFjbG-tFz-KZ0dqYstHC3QMWBsBYcwo4RAzVx9eap6ov4MJOpTE-H3fDR5ujssmjQTJ-iBSjezCB-VyM2QhLUFzgjpy9wbVgpP_UcnAazxx8Uuysi65kccqlnFl5sExnyQpQztO5aFR_rsTLywToNon-d6raqNICPFZEr7YqwOPkOlF-b61s3vAIDMXRrPKou1gjpfx3HoRhdxqc6_L9mMGzgatmwSGALnLBfo6290KeWzJlD1eM1q8DBE_QI_KXK7_RRFvRZwsgcs5zPl4p_Xsh4rEOBF8tr0ZA084sb8yiPSg9hcBhnErkKZwPiqU_iAyjccMbBG4ycpy3CTu70sZxy0UeNz2D-CcarazqgwK52mJTzP4SnknpmugaDgjPHGjIrqjBzgmIoQcN9uzJIyxEpOsJGUG6pOaTn5fsCl1wECMwj44ZpXAkf1zmTg&cid=CAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47ba8428cacc9252d052784dc6573ba82a5bde0a942c7a80850436a81eabc59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16432
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3CF
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQBVxHZzCMY-EsWnmkAMVjVfzRuuz0UjxPlDlPdb0Vdu7ROHYobjkhb_m-Fp5SAWqPUVr6pDkDC0Y9IsasFm4JUuUN-kL-PGn4KhcEOYu-GrbxCGo
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame E3CF
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E3CF
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame E3CF
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
l
www.google.com/ads/measurement/ Frame E3CF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrO_M6cvSZHsO9jNYwnOeCCBsZpGZkUMFT0yT-jYZfjSTKcbd8uWjG73mFpYSeZiMAHFHQzmWY5NQN4VT4MXAvt9bRmw
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 50E7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=3329168481610479&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame C11D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=3627229347754885&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 1805
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=1762645860729642&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 2A2F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=3217454138234025&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame B0FB
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 5A14
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 61D8
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame EF51
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 95A1
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=6&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=66918125-e889-4222-8a97-cbd6848d5ebd&demand=cybermedia&ts=1647167502311
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
349620e1a7233d74138f3c20c21b9e518440d61d3a6087894638405b45c3cee1

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
etag
W/"2407-GgMuMR51AcZZVhx2PRY3wynuDpY"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
3709af26-0fb8-4fbb-ba6c-cdfc1bfb96d9
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=6&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=66918125-e889-4222-8a97-cbd6848d5ebd&demand=cybermedia&ts=1647167502311
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
dc379461-6e35-4ca3-8428-0471529f3cb5
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 63EB
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 384 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:42 GMT
css
fonts.googleapis.com/ Frame 80F0
708 B
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 09:42:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 10:31:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 10:31:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 80F0
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 396 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:42 GMT
rum
dsum-sec.casalemedia.com/ Frame 63D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 63D5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 63D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
43 B
1008 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Protocol
HTTP/1.1
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
71908296-fc3a-48e1-851f-aceaeb435253
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0a137fca-881e-45de-acb8-f936e7bcde66
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame E3CF
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-HElDJlwRxJokT4y-zrYt-PFAZ0AOIPrgBOeVCkui8zjyRtHYPa6_Lg6LlwqY4Mv2IOJO6NSIGHqCaChm_g4BdDHCyMTli5DUGG3_pm_uBUBPZANgPP7Ma-Y9XDSWDmnbEh4OvS8jhG7d2BJ0RKD6FJ5mOQ&cry=1&dbm_d=AKAmf-BciCc_F4f0YBf7P6q94xeesUp3uBhFuHJRNNU0ngpZ6dewiG5D6BYdhFfZsAiiDdvEmPnFCvkcykPTz348mbXQONflC72wKPS0H9T5E6dzXZPKKuTtPJjhANs6eM6s5zI07NOUrAkdqRPlzc1Tz6dqFAh3Up6gDXe-wCcpvaNoUIjrZjeUWSS9Jgl5LWuVXY0l5ZAeeI291uPkn7ZiaQEOpUZ_8gBPlIaIXJ-CQBZvNc0Pz2wF2zEnnGBI0VtuSYqmhCfnOY8mI_CvU4RDfd-eIdAZGQEGVJG6l8pmc5N5yJKC2YlIq7aokvx01JPmSAjtkKmm-gGBdYaiUuoObXs94PQTdMAaSxV_ufO8-RBcolfTbH2AlclKnoeuybecc7qqSnRSg46zVENG_vmXVboOHrJFWbCLz9joAQldLKBujwLwCIpwtJhSOd5Oig88mSUEPpbanbZfNnDf68TQsm2_94oVjgGxBgmAd9BjaLxUyadyMLyQTuLhrl17EGatH9f8GhCBew-_sx5KAhUxrtSyUZQv1h5hlU3QzbiaOIcmjMEdVLCgTanlLtjC4mPbDusIuY1U0ephVeDvWcj2xSrqdv8ZjF0qREzr-4fMSuYDKyo8CZ3bmUw9bVf7B_edMLX4sYe12W8VovwY9jcf2k4ZmXNbzYyJsUk1r9XdLK01ociBujaEiM0K2G1XxH8DcusrI7A1mJz-e9Uz-d8NbBLyGXotYpjazSi-5x6z2pe_zZMLRZRcHg4rHP58vgpLnQ8W3lXeAvnZymkNrKSbDX1qcSCSJR7Ioo79rVC4Z8S3ZdN4EAHc9lTlnOI1DrDv3hwXhqei3SDWAkFqbtg3AP5KpytieiZnFOFYUr75_ozhNXwCYUk1dSZgFqq96Kpy8KbpsoXf5vvWCQYnsQvhbvOLwZiAAejNj6n72ghDrnIH6PPSk9em2ReyA5TOx3YDWl-pOSNJ3eZOiFht4IPs_3t86W85FSqiennfOYbJ495Ke8IXYqFQO2diTJ6s67_pK-gqObjlBm8bnr3ESVYdezic9fTpZvwpXNbieABRKdO1FnC1cics943pLQtpk6P2KD40ji1EKUKcHH0EXqrA-5KWYH7RNn1ssXysVpE1PXRKJvyoWMAwBFdGkCnuGCnwtpzd-09BQ2mwh1Y78-efAd55lvD8adJO9crTghIgnOH75kX2kUQWKK9OX1BL4F0V-Ko5rP3KjINS12k9MraKNSXq5sKf9KT4QyYBHi1EqXkAphc3lEH2cVMLlZq__zdnoQIsnB2LnOHQTLZWZ7uuUwwiIsQndsPkqNqNfcmagAg881x7qvs_8MT0aprbiLHdkunjtYEtPS3A4AWoH5Y-CK2GsESdN7lE_k7Ywe7JxYjTg7iDmnfQ6s4LY-ksGJ5s7Hga7MC5NskKXoTeIkZ_gcQMEoD1pL0syz-zJdySM8aRbSUQ4MPvDLgtDzGcfXjT2n81f2TAXzjD_7g_18Hm9liE4y231zApnI1_cS8RZ2SOkWq23cJnqD41HWaPrudeblr6EURJxTKYjwZ-PvT0xIjrKtPY4fxDQokMqMmBNOircBexnR9sH2t3rAfCQ0wO0OW2FuVfO-umzHN9USZiS-qTq1uo8TuPPjZIaZ6KQ3x-n6iv087FfEFyRyOrdL1rn1iuTM4tf5Rzyi7iVKtZSZI186GQ4fEPiaz_n9hh4kExKIYrOjbn-f2nzMh2Ep7Q7wUiPaALtxsaGvI0s16uvvX5VWqziEK0AMA27Os7FOHx9UC_ak_Fq7xRCJ5FFUoba-xhdEjPar8Bb0V0AgXOESR4OVMPNyqBFhg4m4ZtCGoztPgyeMgWlcv39J0S4cG9nO-t1VSyb2Zfk_kSN3n7KKz2XGqwTEGdTlxEDKl5trdh-Vktv3gYUBLuh2wjfrhV5DZfSbolWGvrmflQf9hJe7UTjUDpMes7NSLCHLMBz34e5fh2DudSP5btbLawEHEHfcOTRKUPrlm8jI2VCQTLa7hqDkdvgCJW__dtVUMP3bzz3aJiqWrXzzHo4-Vth24IOPAlOKmY6jCHooZSk5_J6JO-8qskRSo0S1vbhRhWYrRJ1JwRJ4Gwh7NWbzqDOPoZ6RJqTFA4myNxXuKErgq3Ye0Jz_sDqaJ6cVJsxDzKv6esaGWycmFBps8LVPFLifW2P4kbT-W8LVAPKhY0iQcIzOZuUVctSTJVdR6O-ZxtlhAVLZyQ8onWtSNYlD1TyAFnNgZhjn4PT0B-1caCVZ_MHVQGfekiXIZ8PH5pGJYH9h5BP3jKtulXdOmWacgqBVjPFcgxKNjueZFj9g5ciBgOsqh6o_e8qbnMO4TElszIlmupCdP1DmDJXI0DaEVOu5s4J7ywm7NLbscS7k7aDvEnX959g_peEaozwgtk1MNcdYSkPdYtD9NkLW2owTBJNCIP8ps8R6FTYYR4qMbArSp6HkFirYSX4AsZW5Y6DzPCbIFqsjh5oG6A8DpIyzv4Mah8G89YkOuRMDbF68fChCqq3qyTv5m7E--ksytbaWHlrt7VAIKiGRzwZux6vm3KhyL0tLFY5hmXUIuTLjK-AoHyqcRF27FZaWmL_NYo-SsLb82bNmKQoHuc12XVn-wPyIoR3CncpxocnNZMl2s_4M_Yeu2Pvl-UIzcGIda6tLPdChwZkxWO5p4q0jAIqEY2kw6I4FqNilJGbATZ0TyXgTRgUWtyPCxx0nQF33W3MSg4cIrNn4dm8Kurt3JYmPgFkogyuVQmNYqulHtn984XhXmPXr5b_SP9-mTV0_dxBPY_NdH46DnmCZUExu59GLOeCVkFD6hBp34kquwoNACROk4l67cNkp2VX-tTrFjbG-tFz-KZ0dqYstHC3QMWBsBYcwo4RAzVx9eap6ov4MJOpTE-H3fDR5ujssmjQTJ-iBSjezCB-VyM2QhLUFzgjpy9wbVgpP_UcnAazxx8Uuysi65kccqlnFl5sExnyQpQztO5aFR_rsTLywToNon-d6raqNICPFZEr7YqwOPkOlF-b61s3vAIDMXRrPKou1gjpfx3HoRhdxqc6_L9mMGzgatmwSGALnLBfo6290KeWzJlD1eM1q8DBE_QI_KXK7_RRFvRZwsgcs5zPl4p_Xsh4rEOBF8tr0ZA084sb8yiPSg9hcBhnErkKZwPiqU_iAyjccMbBG4ycpy3CTu70sZxy0UeNz2D-CcarazqgwK52mJTzP4SnknpmugaDgjPHGjIrqjBzgmIoQcN9uzJIyxEpOsJGUG6pOaTn5fsCl1wECMwj44ZpXAkf1zmTg&cid=CAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E3CF
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-HElDJlwRxJokT4y-zrYt-PFAZ0AOIPrgBOeVCkui8zjyRtHYPa6_Lg6LlwqY4Mv2IOJO6NSIGHqCaChm_g4BdDHCyMTli5DUGG3_pm_uBUBPZANgPP7Ma-Y9XDSWDmnbEh4OvS8jhG7d2BJ0RKD6FJ5mOQ&cry=1&dbm_d=AKAmf-BciCc_F4f0YBf7P6q94xeesUp3uBhFuHJRNNU0ngpZ6dewiG5D6BYdhFfZsAiiDdvEmPnFCvkcykPTz348mbXQONflC72wKPS0H9T5E6dzXZPKKuTtPJjhANs6eM6s5zI07NOUrAkdqRPlzc1Tz6dqFAh3Up6gDXe-wCcpvaNoUIjrZjeUWSS9Jgl5LWuVXY0l5ZAeeI291uPkn7ZiaQEOpUZ_8gBPlIaIXJ-CQBZvNc0Pz2wF2zEnnGBI0VtuSYqmhCfnOY8mI_CvU4RDfd-eIdAZGQEGVJG6l8pmc5N5yJKC2YlIq7aokvx01JPmSAjtkKmm-gGBdYaiUuoObXs94PQTdMAaSxV_ufO8-RBcolfTbH2AlclKnoeuybecc7qqSnRSg46zVENG_vmXVboOHrJFWbCLz9joAQldLKBujwLwCIpwtJhSOd5Oig88mSUEPpbanbZfNnDf68TQsm2_94oVjgGxBgmAd9BjaLxUyadyMLyQTuLhrl17EGatH9f8GhCBew-_sx5KAhUxrtSyUZQv1h5hlU3QzbiaOIcmjMEdVLCgTanlLtjC4mPbDusIuY1U0ephVeDvWcj2xSrqdv8ZjF0qREzr-4fMSuYDKyo8CZ3bmUw9bVf7B_edMLX4sYe12W8VovwY9jcf2k4ZmXNbzYyJsUk1r9XdLK01ociBujaEiM0K2G1XxH8DcusrI7A1mJz-e9Uz-d8NbBLyGXotYpjazSi-5x6z2pe_zZMLRZRcHg4rHP58vgpLnQ8W3lXeAvnZymkNrKSbDX1qcSCSJR7Ioo79rVC4Z8S3ZdN4EAHc9lTlnOI1DrDv3hwXhqei3SDWAkFqbtg3AP5KpytieiZnFOFYUr75_ozhNXwCYUk1dSZgFqq96Kpy8KbpsoXf5vvWCQYnsQvhbvOLwZiAAejNj6n72ghDrnIH6PPSk9em2ReyA5TOx3YDWl-pOSNJ3eZOiFht4IPs_3t86W85FSqiennfOYbJ495Ke8IXYqFQO2diTJ6s67_pK-gqObjlBm8bnr3ESVYdezic9fTpZvwpXNbieABRKdO1FnC1cics943pLQtpk6P2KD40ji1EKUKcHH0EXqrA-5KWYH7RNn1ssXysVpE1PXRKJvyoWMAwBFdGkCnuGCnwtpzd-09BQ2mwh1Y78-efAd55lvD8adJO9crTghIgnOH75kX2kUQWKK9OX1BL4F0V-Ko5rP3KjINS12k9MraKNSXq5sKf9KT4QyYBHi1EqXkAphc3lEH2cVMLlZq__zdnoQIsnB2LnOHQTLZWZ7uuUwwiIsQndsPkqNqNfcmagAg881x7qvs_8MT0aprbiLHdkunjtYEtPS3A4AWoH5Y-CK2GsESdN7lE_k7Ywe7JxYjTg7iDmnfQ6s4LY-ksGJ5s7Hga7MC5NskKXoTeIkZ_gcQMEoD1pL0syz-zJdySM8aRbSUQ4MPvDLgtDzGcfXjT2n81f2TAXzjD_7g_18Hm9liE4y231zApnI1_cS8RZ2SOkWq23cJnqD41HWaPrudeblr6EURJxTKYjwZ-PvT0xIjrKtPY4fxDQokMqMmBNOircBexnR9sH2t3rAfCQ0wO0OW2FuVfO-umzHN9USZiS-qTq1uo8TuPPjZIaZ6KQ3x-n6iv087FfEFyRyOrdL1rn1iuTM4tf5Rzyi7iVKtZSZI186GQ4fEPiaz_n9hh4kExKIYrOjbn-f2nzMh2Ep7Q7wUiPaALtxsaGvI0s16uvvX5VWqziEK0AMA27Os7FOHx9UC_ak_Fq7xRCJ5FFUoba-xhdEjPar8Bb0V0AgXOESR4OVMPNyqBFhg4m4ZtCGoztPgyeMgWlcv39J0S4cG9nO-t1VSyb2Zfk_kSN3n7KKz2XGqwTEGdTlxEDKl5trdh-Vktv3gYUBLuh2wjfrhV5DZfSbolWGvrmflQf9hJe7UTjUDpMes7NSLCHLMBz34e5fh2DudSP5btbLawEHEHfcOTRKUPrlm8jI2VCQTLa7hqDkdvgCJW__dtVUMP3bzz3aJiqWrXzzHo4-Vth24IOPAlOKmY6jCHooZSk5_J6JO-8qskRSo0S1vbhRhWYrRJ1JwRJ4Gwh7NWbzqDOPoZ6RJqTFA4myNxXuKErgq3Ye0Jz_sDqaJ6cVJsxDzKv6esaGWycmFBps8LVPFLifW2P4kbT-W8LVAPKhY0iQcIzOZuUVctSTJVdR6O-ZxtlhAVLZyQ8onWtSNYlD1TyAFnNgZhjn4PT0B-1caCVZ_MHVQGfekiXIZ8PH5pGJYH9h5BP3jKtulXdOmWacgqBVjPFcgxKNjueZFj9g5ciBgOsqh6o_e8qbnMO4TElszIlmupCdP1DmDJXI0DaEVOu5s4J7ywm7NLbscS7k7aDvEnX959g_peEaozwgtk1MNcdYSkPdYtD9NkLW2owTBJNCIP8ps8R6FTYYR4qMbArSp6HkFirYSX4AsZW5Y6DzPCbIFqsjh5oG6A8DpIyzv4Mah8G89YkOuRMDbF68fChCqq3qyTv5m7E--ksytbaWHlrt7VAIKiGRzwZux6vm3KhyL0tLFY5hmXUIuTLjK-AoHyqcRF27FZaWmL_NYo-SsLb82bNmKQoHuc12XVn-wPyIoR3CncpxocnNZMl2s_4M_Yeu2Pvl-UIzcGIda6tLPdChwZkxWO5p4q0jAIqEY2kw6I4FqNilJGbATZ0TyXgTRgUWtyPCxx0nQF33W3MSg4cIrNn4dm8Kurt3JYmPgFkogyuVQmNYqulHtn984XhXmPXr5b_SP9-mTV0_dxBPY_NdH46DnmCZUExu59GLOeCVkFD6hBp34kquwoNACROk4l67cNkp2VX-tTrFjbG-tFz-KZ0dqYstHC3QMWBsBYcwo4RAzVx9eap6ov4MJOpTE-H3fDR5ujssmjQTJ-iBSjezCB-VyM2QhLUFzgjpy9wbVgpP_UcnAazxx8Uuysi65kccqlnFl5sExnyQpQztO5aFR_rsTLywToNon-d6raqNICPFZEr7YqwOPkOlF-b61s3vAIDMXRrPKou1gjpfx3HoRhdxqc6_L9mMGzgatmwSGALnLBfo6290KeWzJlD1eM1q8DBE_QI_KXK7_RRFvRZwsgcs5zPl4p_Xsh4rEOBF8tr0ZA084sb8yiPSg9hcBhnErkKZwPiqU_iAyjccMbBG4ycpy3CTu70sZxy0UeNz2D-CcarazqgwK52mJTzP4SnknpmugaDgjPHGjIrqjBzgmIoQcN9uzJIyxEpOsJGUG6pOaTn5fsCl1wECMwj44ZpXAkf1zmTg&cid=CAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
container.html
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6060
6 KB
3 KB
Document
General
Full URL
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/37435893f0fea1b1526dd7aee0f16ef9:66516a7840c8d4b4ab78b373a6eb404685c9d3ce02675f47b36105174295ce90f22a7a9cb149a19f999d671c5e486afad3ad83e8afa91c279cfa4075e64ec8dd4c2c30db1e1427e... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/37435893f0fea1b1526dd7aee0f16ef9:66516a7840c8d4b4ab78b373a6eb404685c9d3ce02675f47b36105174295ce90f22a7a9cb149a19f999d671c5e486afad3ad83e8afa91c279cfa4075e64ec8dd4c2c30db1e1427efef9cafdc88a8a32b749a5f51ab345e3d526145254f614f749075850949afd70677a6fedd183d7de1b396245ec86935fd615879b6ad6575586b2e8543391f189f6ccfffd644077d06/i?id=aab4f66a-b422-4c23-a88b-bdaacc34ef3d&ts=1647167502548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
e52a24cc-6ae2-441a-9182-3f4a01ee3632
i
api.purpleads.io/x/a/37435893f0fea1b1526dd7aee0f16ef9:66516a7840c8d4b4ab78b373a6eb404685c9d3ce02675f47b36105174295ce90f22a7a9cb149a19f999d671c5e486afad3ad83e8afa91c279cfa4075e64ec8dd4c2c30db1e1427e...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/37435893f0fea1b1526dd7aee0f16ef9:66516a7840c8d4b4ab78b373a6eb404685c9d3ce02675f47b36105174295ce90f22a7a9cb149a19f999d671c5e486afad3ad83e8afa91c279cfa4075e64ec8dd4c2c30db1e1427efef9cafdc88a8a32b749a5f51ab345e3d526145254f614f749075850949afd70677a6fedd183d7de1b396245ec86935fd615879b6ad6575586b2e8543391f189f6ccfffd644077d06/i?id=aab4f66a-b422-4c23-a88b-bdaacc34ef3d&ts=1647167502548
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
9c2f702e-6761-42c0-835c-2c8b6af655dd
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame 63EB
358 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
uuid:52425aa3-28ea-213a-5876-213a28ea5242
/ Frame 1389
17 KB
17 KB
Document
General
Full URL
urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
215568fc549dd57a2be6a6e7ecaec66ef0307923832ed445deded31cbe258655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
i
api.purpleads.io/x/a/6ec808438b31bfa59b623b8b97743ee0:5c0267632a6dd5260ec7ba7189716bd524fc972c4511b663cd786e2ebd94b7829d34fbdd14fb58712274d1e5fc6ea912470b661e8a3e3897b32bab0a6e65365f73d03ff0313b666... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/6ec808438b31bfa59b623b8b97743ee0:5c0267632a6dd5260ec7ba7189716bd524fc972c4511b663cd786e2ebd94b7829d34fbdd14fb58712274d1e5fc6ea912470b661e8a3e3897b32bab0a6e65365f73d03ff0313b6668766f8bf253f07ef3085b28176cb0e725b07514f3a7aae9689b266f777d692a3d3529dc28c8626dd2aa6b62aa0e284d7f81e48b77f5f27c4db893ed46d4ddee0ac3ab39a7dfc9186d/i?id=e23e3e79-d46b-4316-91a8-974faccbde87&ts=1647167502615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
d56160d1-0dbb-417e-9a6d-2ce739d1c9c0
i
api.purpleads.io/x/a/6ec808438b31bfa59b623b8b97743ee0:5c0267632a6dd5260ec7ba7189716bd524fc972c4511b663cd786e2ebd94b7829d34fbdd14fb58712274d1e5fc6ea912470b661e8a3e3897b32bab0a6e65365f73d03ff0313b666...
0
200 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/6ec808438b31bfa59b623b8b97743ee0:5c0267632a6dd5260ec7ba7189716bd524fc972c4511b663cd786e2ebd94b7829d34fbdd14fb58712274d1e5fc6ea912470b661e8a3e3897b32bab0a6e65365f73d03ff0313b6668766f8bf253f07ef3085b28176cb0e725b07514f3a7aae9689b266f777d692a3d3529dc28c8626dd2aa6b62aa0e284d7f81e48b77f5f27c4db893ed46d4ddee0ac3ab39a7dfc9186d/i?id=e23e3e79-d46b-4316-91a8-974faccbde87&ts=1647167502615
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
45548a59-3ab4-46cb-b4ce-3f6d13db1fb9
generate_204
tpc.googlesyndication.com/ Frame B0FB
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?pj0UqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5A14
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7OOpWw
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1389
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANcCjOKCoUai6zsW1CDYynetd-L_GIPz2TnrdjEk-XOmI9PHJOQhSH0_2peA6GKT-PAcjhVtb5BN6Cxa-7Db_gRo5kwQzQtRzwb7CL_zunYfyyy0U
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 1389
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1389
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 1389
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
l
www.google.com/ads/measurement/ Frame 1389
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRB-h8kf2TuW61_WXpNue9Jv_1m5odTOghwxCsuZU1-K8q25yNmx4Cwbib3iromAl7cTKEP8knLE8hBFXrReX7wic9Y8g
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B2ED
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 186 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:42 GMT
t43ocmuaiycq
hal9000.redintelligence.net/zone/ Frame E3CF
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/t43ocmuaiycq?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f2978863218394b3c44f1458d9dde2eb0af779d06b95bb96e3a1aea49803c129

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3966
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8DFC
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5859
624 B
299 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 13 Mar 2022 10:31:42 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1389
27 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWNMnczFtr-4p91XLVgMNRupMOLzD7j_0_nnXdDyxfHMOgQOQrnenPid1jiG0RTURHYrkkFhxUhxvoXCaq8L8b_E5Klh7V_KM2aX-8utXLJzQ7j2yY8y2eDF0qilwzB_lJVKDRguZSKmVjM00hpOmiNeKSVQ&cry=1&dbm_d=AKAmf-DtqtvS-Yc8zDWkG_Yp3bKHszHu5SYWpcd9mIFCcZ9cEvdSihRjdG6N8_xvQA5CyiCwJS5AYvZiSb8n4qnWwlOJQ96pMMp4gZdGue1_W0aqKnZQDLuDVxMsOoJolxZ4OcQbOtULzzjekRuC_ztoZiNNAtvCPn_884SqiNYvKEZXmg1Ey5yTIMvuYsKlxs4jbM-h4o6U3xE_vySj65cBIdIq_bKSlpceMz-Fxm1aLRGUSCex05dftqr3Sv6FGwPBb9G39gb-p4SZ_LeUQgksxxy2hXyPWMj_LD3qOUZxqomu4KAimHh1vtVuj7KyqQZnUmIGhSBo1jKmZG4v7d8uS-yhBd7s4PDiETjHBUd0wlCecb1avU0KBOfqal1hbnsDbQyuGMakycBR24yyDDj5FguYzaLYPDabnJgOue4qEvcMAVCsziazedToIsTW-dElok33gCsVIA88024qAbO7cGELs21GIbyCWLXXd_JfeoDNugMTNVl3iiWaDYzV9iQ8vhcCPgutaVxEd1W_PZ7hx-ZsKxEAaaSt-CLntvux-BlNjYnRVbZNWTZ7JWPseFCKRwJMrzqDAt6Ib8LDxovQawI5YpaBScU9TK6jv3tnrQ-hCFe_Elhm4PA-e-BcjVcsQoRHCKQJXu4jBZmHFF1-zhJb9YcHRZTf2U-v6_2ORWPF8b8lEWcZb4_s5MVcy_Y2dp5BaC7DWsKqS1049ub4HkmRhEIvviJVFE8vxH7KI9to9HLHUAHKXTAXYEuVimXTPNah5hiRPurx3uNRLbxnB2YUB5BS99fyZp4kPTdxFbTxJs1VDeDUMqVdjh--KXfbgSbNn8_k_MCbLxsyyf3GqNfQ0R2Mn7G5oGXtVxQ5tkwIMVWUcSG8xoPcXGXuIlWU8-OoAPZ0dklvtics5OPeGKRKBK3WrLhViCqTpolhOJ08l7WuDfgWMwLCsTlL2mkGyjV78w_lOCDrohzkEoVOZG3cl6U5Gyp5Xd7XkTOGqDChUMHS4ibNHgsKvOq8wJ0Fpxd6xZ4ywub71zDygKG90K4laPyKT31LO83unvsOq9BBnIzaKtO1IA1ckTu_a_i_cpzfYnccF1ICApt5a1wFOih0_CP13z0ANyHCbVxz646amnE9HqJMdZBMv3lsCBlIta17FCF2ZwWl6fUfnqEiaIxhv3nG8rLN8vAfVn58ted3gZNmMrL6SfouG3fWJ5Q6frPLbAk9hh8lyVIvoVEsIGyKHC2bvaEa2Ey7VBSjSs94nvA4zLdl8ftdK5Hc7SAtMHeRBuYgBDocdrhCVw27XipDcUuJSMH6zOrXubDhC-n6pOJnmM6bNw9sDqBJxqggWFlEIn7ibZMdfj3ALg-6IQ6ExhpiV4DdUV62_zsjmgmEhkE-vTqjx69yEUdKgLqxiy-4Msu1EgrE7K1pvqOap24hVc7SNdBzPN0Lkrt_xAeu8i-gJPqWFzBQ5XkjG2FTulw_QVnjLIKkhF1mkwlN_p64gY_9o1qE7-J5K1CrYS_MH9pCNIXdKkAWYRpqsd02K-Zk2eIiueQzCKXnQbqUV0dFq_dHfgCTiDrVhhqZUTElXRq6q25vxnUDQsEb2kK4sn_zgWfiR8ixBHVykNXXr4R3xUnJihGBUhnzMJkrTThhh4pTe-_Gyh4VAsjXxP4Y6aixqwNMjenZFZiIf82kQQWxA4BpOLb9d0KdCusU7ZoR-h5BCGz7qgqsS7v-9nr2_30HSfIyC9Vk5_L2Dp2Uav5fa-9ojSih6rwH5hklYkYAv3CAAXLsQa1r0X1GrYJlAB_DFX73serEfK1juvBEXJC0Ad3sLONWNpLfeItpe9uVEnY9QCJWxTTyHLVMtHf4GA5WKgp359bKrMtVIX3QvBB7vIukI3g6gsIoVxa2i1T_bTqSJ2DIQJxQ6aF3wC-j9aBJfosJlEzf2dEz45Uavgb5uyhL6TkuJjDvqD3PbmkYX8rXFw5WC5oGIz8rk4XIzdWKcGSG1tNkcH7zykHMFt3ZPUOeZ9Yd0XmPRYpoRuLkV1S0IX7kDKEk0P738DwdJXBllXDU3eEOM_HHBpoIxYCt03SDwM6z4oY64sl2cb6UgWFw4ktfVJTE7-Xp7L4v0XIQmLuDfNsbAlYuun3Nu-0tH-i2a6crmM-ykHlQIVjIXA507SPzi0LVNYJRyoEi1fj24VkSVBl0452eLfo95n5b3UE_D4jVy0M8RL-b6uXJkcC5reBS1Lj_PXUqDl1-91_zBgrbQ6tp9CcgdmD9SkBLSsDTT7mdr50zpqhXSV0_JIJSbvcHYskt6bdzKI5l0uYVPtuGeGu9yb9Xbb3W6HTbsVIovGtF3jJ8y8FSxr0erN-68YErJH7_QX4WC2FHpyYLFarSkGn3La9O-drb-YPot3dQRD04C5-K4MkwnzJ0B6dmgLruVv3GGjH9--FBvMWR24ha9k20A4CPLjyqUg4zRPLfC1ACWOuUBARr2xyQtDXTEGOUu383KDsiMCVdtkKC7vYxMWVduilc2dA9ypIbR3NAg21LbPDWSy48R-jY42Goo9rjWHrZN4xluxTExQu0ja1gQEfpeCFBnhLOZV4rcftu061TrphdfTlvOihuHUfHN67H7F9UfWTLThdXFNFCCUA6qwEwn5-F2v-JZXMLbXCR-UEHLJbjtcGxXRd4BpCZXXHORwkEIcWBJj5hkvrLgYyYrFfH0nQBuNHAK7hXjZxUFW0_JFE4FJuYurG-oUZ4qCW6e5AZ1tSpiR63sEgdCbvddt9Ou46qXPFMVUy892xzdFpsZLlAyn6jKfnvwMorXdlvVfc60scAhIBzQGPVl6qVtVYoobG-_cHfqv1EB91Z2Q5AF8TF59e6uVKwOeqfrDjOsh-eR2cqerFBvAqZl_HKdzf43nNJ47PFY6gQioInYb_COuFLrQOkvg9t_Sz9QEuYFyn90IyQ_qY6Aha-Lq_QtJJ3zByA2hhc2mkEylt2cM34m5I0jPh6L99arZzG3a3A809br2xj4saxlnaxyAk89bdKQvyClrwy8l_xW777SL374g7cemh3ZPx-gOtRCsbDBd7D_qNz-3jx_oaGPjOhaQtZekd38sUlHCkMlprWWdAI4dmkOO_EBybP9g1m_oamjNfgBiN0Coh7xhapwFKMHf0QL9N2D4B2loam24HYCGIPaXNQBeDGspUYzMQdSIR499A8XBDONXY3OfAtlGAmzpHsz4t41VV-C9zyhPvkB2JLa4c3tfDLbuh_nEn12i8R1rNQnOEnFd5vBgy2_Apf7lv5Z4jZlUyoyBz1qw8eY3imwa8PlT2-k35kH3b_pho&cid=CAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2C%2Curn%253Auuid%253A52425aa3-28ea-213a-5876-213a28ea5242%240
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98df999bf23647121d5b612d14265d9d1a35e7dfd12f9c3d0bf46394b1a10eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 61D8
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?v2Ks0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 80F0
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
313272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:30:30 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D461
624 B
299 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 13 Mar 2022 10:31:42 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 6060
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7865
x-xss-protection
0
server
cafe
etag
17470246482903461409
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:19:17 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/ Frame 6060
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:25:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6060
0
571 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZAbobWwALBCBakChV8xwNjfe3GTjgHZ8V9pPNTK3uDz5bmgrgnZlJAK79tkGI3MEVi1zj2s4b9yUl4yGcW4MDoReXj-1FsX-ihyueTUkFi6O_XZ7WwOzZ74bdvX39EHGiMM1p3JVYMyRsXiRiazvjlGlsJXputhYlSitmjGdqZleg5sAkB-gm6CwfaLuxabcI-QWitW-koloH1P4DpgEJ7z16EWtN_T8q8IkdI9cwe6xosz62pS0gHyQ9J6PVlHQlzLtvQAeTx3n1xWGBk091rtNFNr7w-0CcqfO5OcGXbkuxL68MEmaR8DQ-ldyWgdIlQre2RNfLmFHKENxeY4Fi4YQ1D35a3PXEcCGdPy0jUqSp5fhYOJ_-m_n7SpOtdRYiDF_RbTAZWulJL8hQAld1ogvDF3_6vxAuRaerVWw1SzCZoy-0A1IGQSWGJQ1LcouFwNezcKBP70iCyJjFw7-hy2K9YOOWE3P8gESx1w2nKwnq7Xh7fVYABLuXkfcZZHHZjkivMZgVmibL1p6NNAxmoqTJ5vAWpk5oYTNHTrIti1J5EUCCMty9nvzYBFCdSqYb8Pxkl2nAPU644f-JR0xjKc8TJLKvVe0pt-uzgiVvLRG7Mka5AjPDskHV3aTDkkTCSqdd5v_Q87wgR3TosYcS2aXAN5bOj0jGvkac81mi8Vx5ZNTYp1oApIhVkPAJEMyXdM1OLx_C1vtWcTU1HryB9k_xqjXQ7SgdqDMHceRcWFUDkYoXYbi1dsrLPndoN3zC_RHMU3mzEs-kP2CsZcKiNhfWLGEEi2YZfL47aDqVzM8cdFMCfnEzmKikJ98q8W2-wWPGCxLgnnx3x3rEJ-3WNi6lcrxYbf-kBBY_2sOwjAvDZnvOvBKMJRRMzLCCM5adg3bzTlOPx_qHq-HCujkNUREpbR_j8CJorLb15hM9i1Fyd3r-eQ9wzYfNFdVSXOraw_w8aUJZWGRQ269O83cHlKn6Yh7kS6ZmCrVJg7VFp7FXs8_iYFKUvubpd-yu0LdCW-UQScB96M-dGKjI8Nx222g9VaR89_A6jdV2ddqgsLwTW-BoZRug_fLbQ8tcDNIh4PXhtO54Ifk_I7AHTmU9iz5pwMk8Y7w-A-5-5BR5pZ40SmEZ&sai=AMfl-YR_YIEPpOhC_GhmGTkdwOl5pPaNPZF-lYaLZMtpxzdWM3FyBGRfhLkXifY242O9i6__cZ0ps9rKyB6ysginuWcJdxqYK06YREw2L0qhULY8PMs_OIEDLcPAhNtmFsW2gwMn-c6OCsWm3-7gBVlUpMRr8qHpslPQ5-juRO5q56DF2iwuktyfGJp-QlyqErsIoHckbKJSEbIarLkbi3YYWDuva0C1o7yaGsQprv4vH4MbFvwQXxUjFdtExYUK2qfW_J9Tiiq9JSzhpRy3oXsQbhAqcdB5o_yh9I3zpHS8Nb9l7WgczwNOCA0-4Yn9h3HfqNxfrYe3Tfz_FN-Dq81pwikNzO7aijewleKyDrkLYGfAbz_T-EgQpXHY9JWITE7O7DDzz-lHKSpVWYQwz8UeMw&sig=Cg0ArKJSzBn81yJxLgaBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220308.97954&adurl=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 13 Mar 2022 10:31:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6060
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6060
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CVfbjv4NeoRaqwYqApWrA3JMSGLAINCTc_yTpiJaaEonnosar_b9MThWI9IlJxznsDg25DgX8lsFLVgBUrQseMiEE4XSqQQCzvs7_yMz9WjWxZlec
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 6060
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 6060
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
l
www.google.com/ads/measurement/ Frame 6060
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRK4_wt5h3BSkiV_Amf4uFhqjuev6fYJQw990pw5Vdw2ja5l9QroGIgRzIPR-XZuVQgRt1r3ZduWnLhkxtPlgA4y9hRlA
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6060
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
8928051657873516213
s0.2mdn.net/simgad/ Frame 6060
20 KB
21 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/8928051657873516213
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb768c34f5b170271948a59c94651c37fd1214d64e1bd8863f134c508b905de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 16:40:15 GMT
x-content-type-options
nosniff
age
237087
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20431
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 12:37:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Mar 2023 16:40:15 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame 80F0
358 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
integrator.js
adservice.google.de/adsid/ Frame 63EB
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 63EB
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 63EB
501 B
286 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1646061999790071&correlator=1012690618161415&eid=31064836%2C31065294%2C44756894&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fifs&sc=1&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=1946913256&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie=ID%3D6bf49801c8b0f0f7-225df1845bcd0081%3AT%3D1647167501%3AS%3DALNI_Ma7ZDhgRWOZ6wZhyfuxlce6qtK_ig&abxe=1&dt=1647167502780&dlt=1647167502438&idt=325&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1148&adys=1298&ucis=a6xu9lohn9x&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167503&ga_hid=1006669406&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2ca375d8fe3464aaefcbf4f826970f9cc795c5875741cfe05afa53937ade429c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 63EB
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45782083d293574ae5c2febb453d76d965ff2f0c144e816a4e6814fd9814a973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10684
x-xss-protection
0
container.html
23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB7D
6 KB
3 KB
Document
General
Full URL
https://23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900021.redintelligence.net/ Frame E3CF
Redirect Chain
  • https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB
Script
General
Full URL
https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
947f287476fbc9b0c4ca3fc97b70fb7cb6e7d85204d48c5da1b7df38d9fabee8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
28434000045773100757585011897021
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
972
Expires
Sun, 13 Mar 2022 10:31:42 +0100

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sun, 13 Mar 2022 10:31:42 +0100
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame B2ED
358 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
rum
dsum-sec.casalemedia.com/ Frame 5859
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5859
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5859
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
43 B
1008 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Protocol
HTTP/1.1
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b2b7f5bb-d067-4fb8-bec9-7301209b5f29
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5859
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3621ebcd-2fd2-42d6-9aa8-131c3cf2e204
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D461
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D461
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D461
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
43 B
1008 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Protocol
HTTP/1.1
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
99d21977-b123-46d4-839d-96880cd73c5b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D461
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a47914dc-9b71-4573-9d3c-4756683425f6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 54FA
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 8DFC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
truncated
/ Frame 6060
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1500b60e9892d70bec1c05722802959fe7babc02c8e268c3b10a108bb9070013

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 80F0
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 80F0
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 80F0
26 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4210770730355657&correlator=3618679290001943&eid=31064905%2C44758229%2C31064018&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fifs&sc=1&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=1&adks=2232668132&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie=ID%3D6bf49801c8b0f0f7-225df1845bcd0081%3AT%3D1647167501%3AS%3DALNI_Ma7ZDhgRWOZ6wZhyfuxlce6qtK_ig&abxe=1&dt=1647167502856&dlt=1647167502486&idt=353&biw=1600&bih=1200&isw=345&ish=85&oid=2&adxs=1244&adys=1121&ucis=cudcw5iqqubq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=345x0&msz=345x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167503&ga_hid=526691470&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
dbf6e5b75a285d830029955456eccf8419055e96d252f56a53dfc613cdd74a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11289
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F39
6 KB
3 KB
Document
General
Full URL
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 1389
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWNMnczFtr-4p91XLVgMNRupMOLzD7j_0_nnXdDyxfHMOgQOQrnenPid1jiG0RTURHYrkkFhxUhxvoXCaq8L8b_E5Klh7V_KM2aX-8utXLJzQ7j2yY8y2eDF0qilwzB_lJVKDRguZSKmVjM00hpOmiNeKSVQ&cry=1&dbm_d=AKAmf-DtqtvS-Yc8zDWkG_Yp3bKHszHu5SYWpcd9mIFCcZ9cEvdSihRjdG6N8_xvQA5CyiCwJS5AYvZiSb8n4qnWwlOJQ96pMMp4gZdGue1_W0aqKnZQDLuDVxMsOoJolxZ4OcQbOtULzzjekRuC_ztoZiNNAtvCPn_884SqiNYvKEZXmg1Ey5yTIMvuYsKlxs4jbM-h4o6U3xE_vySj65cBIdIq_bKSlpceMz-Fxm1aLRGUSCex05dftqr3Sv6FGwPBb9G39gb-p4SZ_LeUQgksxxy2hXyPWMj_LD3qOUZxqomu4KAimHh1vtVuj7KyqQZnUmIGhSBo1jKmZG4v7d8uS-yhBd7s4PDiETjHBUd0wlCecb1avU0KBOfqal1hbnsDbQyuGMakycBR24yyDDj5FguYzaLYPDabnJgOue4qEvcMAVCsziazedToIsTW-dElok33gCsVIA88024qAbO7cGELs21GIbyCWLXXd_JfeoDNugMTNVl3iiWaDYzV9iQ8vhcCPgutaVxEd1W_PZ7hx-ZsKxEAaaSt-CLntvux-BlNjYnRVbZNWTZ7JWPseFCKRwJMrzqDAt6Ib8LDxovQawI5YpaBScU9TK6jv3tnrQ-hCFe_Elhm4PA-e-BcjVcsQoRHCKQJXu4jBZmHFF1-zhJb9YcHRZTf2U-v6_2ORWPF8b8lEWcZb4_s5MVcy_Y2dp5BaC7DWsKqS1049ub4HkmRhEIvviJVFE8vxH7KI9to9HLHUAHKXTAXYEuVimXTPNah5hiRPurx3uNRLbxnB2YUB5BS99fyZp4kPTdxFbTxJs1VDeDUMqVdjh--KXfbgSbNn8_k_MCbLxsyyf3GqNfQ0R2Mn7G5oGXtVxQ5tkwIMVWUcSG8xoPcXGXuIlWU8-OoAPZ0dklvtics5OPeGKRKBK3WrLhViCqTpolhOJ08l7WuDfgWMwLCsTlL2mkGyjV78w_lOCDrohzkEoVOZG3cl6U5Gyp5Xd7XkTOGqDChUMHS4ibNHgsKvOq8wJ0Fpxd6xZ4ywub71zDygKG90K4laPyKT31LO83unvsOq9BBnIzaKtO1IA1ckTu_a_i_cpzfYnccF1ICApt5a1wFOih0_CP13z0ANyHCbVxz646amnE9HqJMdZBMv3lsCBlIta17FCF2ZwWl6fUfnqEiaIxhv3nG8rLN8vAfVn58ted3gZNmMrL6SfouG3fWJ5Q6frPLbAk9hh8lyVIvoVEsIGyKHC2bvaEa2Ey7VBSjSs94nvA4zLdl8ftdK5Hc7SAtMHeRBuYgBDocdrhCVw27XipDcUuJSMH6zOrXubDhC-n6pOJnmM6bNw9sDqBJxqggWFlEIn7ibZMdfj3ALg-6IQ6ExhpiV4DdUV62_zsjmgmEhkE-vTqjx69yEUdKgLqxiy-4Msu1EgrE7K1pvqOap24hVc7SNdBzPN0Lkrt_xAeu8i-gJPqWFzBQ5XkjG2FTulw_QVnjLIKkhF1mkwlN_p64gY_9o1qE7-J5K1CrYS_MH9pCNIXdKkAWYRpqsd02K-Zk2eIiueQzCKXnQbqUV0dFq_dHfgCTiDrVhhqZUTElXRq6q25vxnUDQsEb2kK4sn_zgWfiR8ixBHVykNXXr4R3xUnJihGBUhnzMJkrTThhh4pTe-_Gyh4VAsjXxP4Y6aixqwNMjenZFZiIf82kQQWxA4BpOLb9d0KdCusU7ZoR-h5BCGz7qgqsS7v-9nr2_30HSfIyC9Vk5_L2Dp2Uav5fa-9ojSih6rwH5hklYkYAv3CAAXLsQa1r0X1GrYJlAB_DFX73serEfK1juvBEXJC0Ad3sLONWNpLfeItpe9uVEnY9QCJWxTTyHLVMtHf4GA5WKgp359bKrMtVIX3QvBB7vIukI3g6gsIoVxa2i1T_bTqSJ2DIQJxQ6aF3wC-j9aBJfosJlEzf2dEz45Uavgb5uyhL6TkuJjDvqD3PbmkYX8rXFw5WC5oGIz8rk4XIzdWKcGSG1tNkcH7zykHMFt3ZPUOeZ9Yd0XmPRYpoRuLkV1S0IX7kDKEk0P738DwdJXBllXDU3eEOM_HHBpoIxYCt03SDwM6z4oY64sl2cb6UgWFw4ktfVJTE7-Xp7L4v0XIQmLuDfNsbAlYuun3Nu-0tH-i2a6crmM-ykHlQIVjIXA507SPzi0LVNYJRyoEi1fj24VkSVBl0452eLfo95n5b3UE_D4jVy0M8RL-b6uXJkcC5reBS1Lj_PXUqDl1-91_zBgrbQ6tp9CcgdmD9SkBLSsDTT7mdr50zpqhXSV0_JIJSbvcHYskt6bdzKI5l0uYVPtuGeGu9yb9Xbb3W6HTbsVIovGtF3jJ8y8FSxr0erN-68YErJH7_QX4WC2FHpyYLFarSkGn3La9O-drb-YPot3dQRD04C5-K4MkwnzJ0B6dmgLruVv3GGjH9--FBvMWR24ha9k20A4CPLjyqUg4zRPLfC1ACWOuUBARr2xyQtDXTEGOUu383KDsiMCVdtkKC7vYxMWVduilc2dA9ypIbR3NAg21LbPDWSy48R-jY42Goo9rjWHrZN4xluxTExQu0ja1gQEfpeCFBnhLOZV4rcftu061TrphdfTlvOihuHUfHN67H7F9UfWTLThdXFNFCCUA6qwEwn5-F2v-JZXMLbXCR-UEHLJbjtcGxXRd4BpCZXXHORwkEIcWBJj5hkvrLgYyYrFfH0nQBuNHAK7hXjZxUFW0_JFE4FJuYurG-oUZ4qCW6e5AZ1tSpiR63sEgdCbvddt9Ou46qXPFMVUy892xzdFpsZLlAyn6jKfnvwMorXdlvVfc60scAhIBzQGPVl6qVtVYoobG-_cHfqv1EB91Z2Q5AF8TF59e6uVKwOeqfrDjOsh-eR2cqerFBvAqZl_HKdzf43nNJ47PFY6gQioInYb_COuFLrQOkvg9t_Sz9QEuYFyn90IyQ_qY6Aha-Lq_QtJJ3zByA2hhc2mkEylt2cM34m5I0jPh6L99arZzG3a3A809br2xj4saxlnaxyAk89bdKQvyClrwy8l_xW777SL374g7cemh3ZPx-gOtRCsbDBd7D_qNz-3jx_oaGPjOhaQtZekd38sUlHCkMlprWWdAI4dmkOO_EBybP9g1m_oamjNfgBiN0Coh7xhapwFKMHf0QL9N2D4B2loam24HYCGIPaXNQBeDGspUYzMQdSIR499A8XBDONXY3OfAtlGAmzpHsz4t41VV-C9zyhPvkB2JLa4c3tfDLbuh_nEn12i8R1rNQnOEnFd5vBgy2_Apf7lv5Z4jZlUyoyBz1qw8eY3imwa8PlT2-k35kH3b_pho&cid=CAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2C%2Curn%253Auuid%253A52425aa3-28ea-213a-5876-213a28ea5242%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1389
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWNMnczFtr-4p91XLVgMNRupMOLzD7j_0_nnXdDyxfHMOgQOQrnenPid1jiG0RTURHYrkkFhxUhxvoXCaq8L8b_E5Klh7V_KM2aX-8utXLJzQ7j2yY8y2eDF0qilwzB_lJVKDRguZSKmVjM00hpOmiNeKSVQ&cry=1&dbm_d=AKAmf-DtqtvS-Yc8zDWkG_Yp3bKHszHu5SYWpcd9mIFCcZ9cEvdSihRjdG6N8_xvQA5CyiCwJS5AYvZiSb8n4qnWwlOJQ96pMMp4gZdGue1_W0aqKnZQDLuDVxMsOoJolxZ4OcQbOtULzzjekRuC_ztoZiNNAtvCPn_884SqiNYvKEZXmg1Ey5yTIMvuYsKlxs4jbM-h4o6U3xE_vySj65cBIdIq_bKSlpceMz-Fxm1aLRGUSCex05dftqr3Sv6FGwPBb9G39gb-p4SZ_LeUQgksxxy2hXyPWMj_LD3qOUZxqomu4KAimHh1vtVuj7KyqQZnUmIGhSBo1jKmZG4v7d8uS-yhBd7s4PDiETjHBUd0wlCecb1avU0KBOfqal1hbnsDbQyuGMakycBR24yyDDj5FguYzaLYPDabnJgOue4qEvcMAVCsziazedToIsTW-dElok33gCsVIA88024qAbO7cGELs21GIbyCWLXXd_JfeoDNugMTNVl3iiWaDYzV9iQ8vhcCPgutaVxEd1W_PZ7hx-ZsKxEAaaSt-CLntvux-BlNjYnRVbZNWTZ7JWPseFCKRwJMrzqDAt6Ib8LDxovQawI5YpaBScU9TK6jv3tnrQ-hCFe_Elhm4PA-e-BcjVcsQoRHCKQJXu4jBZmHFF1-zhJb9YcHRZTf2U-v6_2ORWPF8b8lEWcZb4_s5MVcy_Y2dp5BaC7DWsKqS1049ub4HkmRhEIvviJVFE8vxH7KI9to9HLHUAHKXTAXYEuVimXTPNah5hiRPurx3uNRLbxnB2YUB5BS99fyZp4kPTdxFbTxJs1VDeDUMqVdjh--KXfbgSbNn8_k_MCbLxsyyf3GqNfQ0R2Mn7G5oGXtVxQ5tkwIMVWUcSG8xoPcXGXuIlWU8-OoAPZ0dklvtics5OPeGKRKBK3WrLhViCqTpolhOJ08l7WuDfgWMwLCsTlL2mkGyjV78w_lOCDrohzkEoVOZG3cl6U5Gyp5Xd7XkTOGqDChUMHS4ibNHgsKvOq8wJ0Fpxd6xZ4ywub71zDygKG90K4laPyKT31LO83unvsOq9BBnIzaKtO1IA1ckTu_a_i_cpzfYnccF1ICApt5a1wFOih0_CP13z0ANyHCbVxz646amnE9HqJMdZBMv3lsCBlIta17FCF2ZwWl6fUfnqEiaIxhv3nG8rLN8vAfVn58ted3gZNmMrL6SfouG3fWJ5Q6frPLbAk9hh8lyVIvoVEsIGyKHC2bvaEa2Ey7VBSjSs94nvA4zLdl8ftdK5Hc7SAtMHeRBuYgBDocdrhCVw27XipDcUuJSMH6zOrXubDhC-n6pOJnmM6bNw9sDqBJxqggWFlEIn7ibZMdfj3ALg-6IQ6ExhpiV4DdUV62_zsjmgmEhkE-vTqjx69yEUdKgLqxiy-4Msu1EgrE7K1pvqOap24hVc7SNdBzPN0Lkrt_xAeu8i-gJPqWFzBQ5XkjG2FTulw_QVnjLIKkhF1mkwlN_p64gY_9o1qE7-J5K1CrYS_MH9pCNIXdKkAWYRpqsd02K-Zk2eIiueQzCKXnQbqUV0dFq_dHfgCTiDrVhhqZUTElXRq6q25vxnUDQsEb2kK4sn_zgWfiR8ixBHVykNXXr4R3xUnJihGBUhnzMJkrTThhh4pTe-_Gyh4VAsjXxP4Y6aixqwNMjenZFZiIf82kQQWxA4BpOLb9d0KdCusU7ZoR-h5BCGz7qgqsS7v-9nr2_30HSfIyC9Vk5_L2Dp2Uav5fa-9ojSih6rwH5hklYkYAv3CAAXLsQa1r0X1GrYJlAB_DFX73serEfK1juvBEXJC0Ad3sLONWNpLfeItpe9uVEnY9QCJWxTTyHLVMtHf4GA5WKgp359bKrMtVIX3QvBB7vIukI3g6gsIoVxa2i1T_bTqSJ2DIQJxQ6aF3wC-j9aBJfosJlEzf2dEz45Uavgb5uyhL6TkuJjDvqD3PbmkYX8rXFw5WC5oGIz8rk4XIzdWKcGSG1tNkcH7zykHMFt3ZPUOeZ9Yd0XmPRYpoRuLkV1S0IX7kDKEk0P738DwdJXBllXDU3eEOM_HHBpoIxYCt03SDwM6z4oY64sl2cb6UgWFw4ktfVJTE7-Xp7L4v0XIQmLuDfNsbAlYuun3Nu-0tH-i2a6crmM-ykHlQIVjIXA507SPzi0LVNYJRyoEi1fj24VkSVBl0452eLfo95n5b3UE_D4jVy0M8RL-b6uXJkcC5reBS1Lj_PXUqDl1-91_zBgrbQ6tp9CcgdmD9SkBLSsDTT7mdr50zpqhXSV0_JIJSbvcHYskt6bdzKI5l0uYVPtuGeGu9yb9Xbb3W6HTbsVIovGtF3jJ8y8FSxr0erN-68YErJH7_QX4WC2FHpyYLFarSkGn3La9O-drb-YPot3dQRD04C5-K4MkwnzJ0B6dmgLruVv3GGjH9--FBvMWR24ha9k20A4CPLjyqUg4zRPLfC1ACWOuUBARr2xyQtDXTEGOUu383KDsiMCVdtkKC7vYxMWVduilc2dA9ypIbR3NAg21LbPDWSy48R-jY42Goo9rjWHrZN4xluxTExQu0ja1gQEfpeCFBnhLOZV4rcftu061TrphdfTlvOihuHUfHN67H7F9UfWTLThdXFNFCCUA6qwEwn5-F2v-JZXMLbXCR-UEHLJbjtcGxXRd4BpCZXXHORwkEIcWBJj5hkvrLgYyYrFfH0nQBuNHAK7hXjZxUFW0_JFE4FJuYurG-oUZ4qCW6e5AZ1tSpiR63sEgdCbvddt9Ou46qXPFMVUy892xzdFpsZLlAyn6jKfnvwMorXdlvVfc60scAhIBzQGPVl6qVtVYoobG-_cHfqv1EB91Z2Q5AF8TF59e6uVKwOeqfrDjOsh-eR2cqerFBvAqZl_HKdzf43nNJ47PFY6gQioInYb_COuFLrQOkvg9t_Sz9QEuYFyn90IyQ_qY6Aha-Lq_QtJJ3zByA2hhc2mkEylt2cM34m5I0jPh6L99arZzG3a3A809br2xj4saxlnaxyAk89bdKQvyClrwy8l_xW777SL374g7cemh3ZPx-gOtRCsbDBd7D_qNz-3jx_oaGPjOhaQtZekd38sUlHCkMlprWWdAI4dmkOO_EBybP9g1m_oamjNfgBiN0Coh7xhapwFKMHf0QL9N2D4B2loam24HYCGIPaXNQBeDGspUYzMQdSIR499A8XBDONXY3OfAtlGAmzpHsz4t41VV-C9zyhPvkB2JLa4c3tfDLbuh_nEn12i8R1rNQnOEnFd5vBgy2_Apf7lv5Z4jZlUyoyBz1qw8eY3imwa8PlT2-k35kH3b_pho&cid=CAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2C%2Curn%253Auuid%253A52425aa3-28ea-213a-5876-213a28ea5242%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 63EB
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6060
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZAbobWwALBCBakChV8xwNjfe3GTjgHZ8V9pPNTK3uDz5bmgrgnZlJAK79tkGI3MEVi1zj2s4b9yUl4yGcW4MDoReXj-1FsX-ihyueTUkFi6O_XZ7WwOzZ74bdvX39EHGiMM1p3JVYMyRsXiRiazvjlGlsJXputhYlSitmjGdqZleg5sAkB-gm6CwfaLuxabcI-QWitW-koloH1P4DpgEJ7z16EWtN_T8q8IkdI9cwe6xosz62pS0gHyQ9J6PVlHQlzLtvQAeTx3n1xWGBk091rtNFNr7w-0CcqfO5OcGXbkuxL68MEmaR8DQ-ldyWgdIlQre2RNfLmFHKENxeY4Fi4YQ1D35a3PXEcCGdPy0jUqSp5fhYOJ_-m_n7SpOtdRYiDF_RbTAZWulJL8hQAld1ogvDF3_6vxAuRaerVWw1SzCZoy-0A1IGQSWGJQ1LcouFwNezcKBP70iCyJjFw7-hy2K9YOOWE3P8gESx1w2nKwnq7Xh7fVYABLuXkfcZZHHZjkivMZgVmibL1p6NNAxmoqTJ5vAWpk5oYTNHTrIti1J5EUCCMty9nvzYBFCdSqYb8Pxkl2nAPU644f-JR0xjKc8TJLKvVe0pt-uzgiVvLRG7Mka5AjPDskHV3aTDkkTCSqdd5v_Q87wgR3TosYcS2aXAN5bOj0jGvkac81mi8Vx5ZNTYp1oApIhVkPAJEMyXdM1OLx_C1vtWcTU1HryB9k_xqjXQ7SgdqDMHceRcWFUDkYoXYbi1dsrLPndoN3zC_RHMU3mzEs-kP2CsZcKiNhfWLGEEi2YZfL47aDqVzM8cdFMCfnEzmKikJ98q8W2-wWPGCxLgnnx3x3rEJ-3WNi6lcrxYbf-kBBY_2sOwjAvDZnvOvBKMJRRMzLCCM5adg3bzTlOPx_qHq-HCujkNUREpbR_j8CJorLb15hM9i1Fyd3r-eQ9wzYfNFdVSXOraw_w8aUJZWGRQ269O83cHlKn6Yh7kS6ZmCrVJg7VFp7FXs8_iYFKUvubpd-yu0LdCW-UQScB96M-dGKjI8Nx222g9VaR89_A6jdV2ddqgsLwTW-BoZRug_fLbQ8tcDNIh4PXhtO54Ifk_I7AHTmU9iz5pwMk8Y7w-A-5-5BR5pZ40SmEZ&sai=AMfl-YR_YIEPpOhC_GhmGTkdwOl5pPaNPZF-lYaLZMtpxzdWM3FyBGRfhLkXifY242O9i6__cZ0ps9rKyB6ysginuWcJdxqYK06YREw2L0qhULY8PMs_OIEDLcPAhNtmFsW2gwMn-c6OCsWm3-7gBVlUpMRr8qHpslPQ5-juRO5q56DF2iwuktyfGJp-QlyqErsIoHckbKJSEbIarLkbi3YYWDuva0C1o7yaGsQprv4vH4MbFvwQXxUjFdtExYUK2qfW_J9Tiiq9JSzhpRy3oXsQbhAqcdB5o_yh9I3zpHS8Nb9l7WgczwNOCA0-4Yn9h3HfqNxfrYe3Tfz_FN-Dq81pwikNzO7aijewleKyDrkLYGfAbz_T-EgQpXHY9JWITE7O7DDzz-lHKSpVWYQwz8UeMw&sig=Cg0ArKJSzBn81yJxLgaBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=193&vt=11&dtpt=193&dett=2&cstd=0&cisv=r20220308.97954&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
pagead2.googlesyndication.com/bg/ Frame 54FA
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13712
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 10:03:06 GMT
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame 1389
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
915b59897b21e9be15863aa5620b17d476996da229da123482a584bdec59b197

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3965
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
integrator.js
adservice.google.de/adsid/ Frame B2ED
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B2ED
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B2ED
19 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2612437989791563&correlator=2488887536906768&eid=31063377%2C44756897&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie=ID%3D6bf49801c8b0f0f7-225df1845bcd0081%3AT%3D1647167501%3AS%3DALNI_Ma7ZDhgRWOZ6wZhyfuxlce6qtK_ig&abxe=1&dt=1647167502965&dlt=1647167502680&idt=269&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=1310&ucis=6v0whtwoiimn&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167503&ga_hid=1242093834&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
64cc219a5d11213dd0ae339608cebdfa99869a9f0010b236f7bf42b893757b69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10368
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B2ED
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bb6407cde0b1ec326dc517b9db18feb3248ad68900ad9bae04db186a707da17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10693
x-xss-protection
0
container.html
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 35CA
6 KB
3 KB
Document
General
Full URL
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Mon, 13 Mar 2023 10:31:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C646
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900024.redintelligence.net/ Frame 1389
4 KB
2 KB
Script
General
Full URL
https://hal900024.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9865a78d9e&subid=&uid=4dc75d1110bb3b3d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D&documentReferer=urn%3Auuid%3A52425aa3-28ea-213a-5876-213a28ea5242&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6320327863626&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
13977410c5d04cd79154d66ab78bd610f7bcba84a5ebeb673defbe750d7623e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
49610700065596000710612011897024
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1314
Expires
Sun, 13 Mar 2022 10:31:43 +0100
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 599D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2DFD
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e4ee29eaf66bf9f1df2cbaeb71819cfbbeb22aac7e36fc9b02f2f04e511c9e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vFc6Y/Iy9TpTSIFDtJLuBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:43 GMT
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vFc6Y/Iy9TpTSIFDtJLuBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 80F0
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51dcc2b5c50fa27a20b0c05bdf26f5b496b6bda930b087ccd0ae4856e68628e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10356
x-xss-protection
0
view.aspx
pb.media01.eu/ Frame D3BA
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e58739f38600d8697fb68?subid=28434000045773100757585011897021&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
0
628 B
Document
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 13 Mar 2022 11:31:42 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 13 Mar 2022 10:31:42 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CC8:7DE1
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
5994599.fls.doubleclick.net/ Frame 3188
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
391 B
344 B
Document
General
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
b028d17ab2e8d0fbb2e1a8fbd4e48b45b8b4da712f6e9521615140392235c06e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 13 Mar 2022 10:31:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900021.redintelligence.net/ Frame 035C
7 KB
3 KB
Document
General
Full URL
https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
c5de476e2821c786cd2f8605323df45a1035e6ff01a613219ec96fc034a863bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 13 Mar 2022 10:31:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2313
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame E3CF
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c60dd9372c9ff3fb4a9ad4c841dea15b5f625094870c20c892f1c57092f14534

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B2ED
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 80F0
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
container.html
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F7E
6 KB
3 KB
Document
General
Full URL
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/297e06ebe1e7c0cbfcf04a5acc8fddff:7c05f90fb9bae83f80791afd99bf28142126e4bd48556f43e12838180b20c2d2fef4a2e4eca0ec7db4f87943397119952f2949644d2d71d0eb787bb6c96105daf8fbb2f123d5503... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/297e06ebe1e7c0cbfcf04a5acc8fddff:7c05f90fb9bae83f80791afd99bf28142126e4bd48556f43e12838180b20c2d2fef4a2e4eca0ec7db4f87943397119952f2949644d2d71d0eb787bb6c96105daf8fbb2f123d550348f67d1d59454eb5df9b28ee0b01ffb07160fd4b8afbe4374/i?id=51a825cf-c9f4-433e-90e3-6c0f7be5e970&ts=1647167503143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
d097d4e2-cff9-4f98-a20e-630a8f5ec162
i
api.purpleads.io/x/a/297e06ebe1e7c0cbfcf04a5acc8fddff:7c05f90fb9bae83f80791afd99bf28142126e4bd48556f43e12838180b20c2d2fef4a2e4eca0ec7db4f87943397119952f2949644d2d71d0eb787bb6c96105daf8fbb2f123d5503...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/297e06ebe1e7c0cbfcf04a5acc8fddff:7c05f90fb9bae83f80791afd99bf28142126e4bd48556f43e12838180b20c2d2fef4a2e4eca0ec7db4f87943397119952f2949644d2d71d0eb787bb6c96105daf8fbb2f123d550348f67d1d59454eb5df9b28ee0b01ffb07160fd4b8afbe4374/i?id=51a825cf-c9f4-433e-90e3-6c0f7be5e970&ts=1647167503143
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
80658b99-9eaf-429f-a3ca-89341ef24832
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 035C
89 KB
90 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 08:29:31 GMT
x-content-type-options
nosniff
age
180132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91556
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 08:29:31 GMT
pb_girostart_728x90.gif
www.ad-server.eu/wm/pb/girostart/standard/ Frame 035C
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e58739f38600d8697fb68?subid=28434000045773100757585011897021
  • https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_728x90.gif
8 KB
9 KB
Image
General
Full URL
https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_728x90.gif
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
ec4e04bf6aa1d19b00d36e194a14e06ffc6e75ec1cad535230beee9adc322e82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:37:17 GMT
Last-Modified
Tue, 06 Apr 2021 12:56:42 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"606c5a8a-21e4"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8676

Redirect headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CD1:7DE1
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_728x90.gif
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
/
api.purpleads.io/x/b/
9 KB
2 KB
Fetch
General
Full URL
https://api.purpleads.io/x/b/?idx=7&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&demand=cybermedia&ts=1647167503153
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
bc8854601f38c9e4fd09873ba3edf5ed493e51d3187205690d91c73054116e42

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
etag
W/"23f6-5cclyunjljR73Y/YnLiIetn4d+s"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
a60ad3fa-d590-4016-b206-987d15c4a058
/
api.purpleads.io/x/b/ Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/b/?idx=7&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&demand=cybermedia&ts=1647167503153
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
d59f68a3-d1c2-49a4-a151-cab87f89572d
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame C646
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
view.aspx
pb.media01.eu/ Frame 77D0
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
0
36 B
Document
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9865a78d9e&subid=&uid=4dc75d1110bb3b3d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D&documentReferer=urn%3Auuid%3A52425aa3-28ea-213a-5876-213a28ea5242&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6320327863626&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 13 Mar 2022 11:31:42 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 13 Mar 2022 10:31:42 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CDD:7DE1
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
/
adv.office-partner.de/ Frame F146
930 B
931 B
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9865a78d9e&subid=&uid=4dc75d1110bb3b3d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D&documentReferer=urn%3Auuid%3A52425aa3-28ea-213a-5876-213a28ea5242&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6320327863626&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
keycdn-engine
date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
vary
Accept-Encoding
content-encoding
gzip
expires
Sun, 20 Mar 2022 10:31:43 GMT
cache-control
max-age=604800
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
link.html
track.webgains.com/ Frame 1389
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3432255&wgcampaignid=99582&js=1&nw=1&viewref=49610700065596000710612011897024
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
21f07320c24e26e1fad8927ea34e6c82c4c53e8e235dac2e0cb8378a82632ed3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 1389
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=49610700065596000710612011897024&nw=1
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
8b4fa49a1fc6f0c438705bcb65f85d81b05adb553adf3d2a2f2837c29f5a9aa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
8019191.fls.doubleclick.net/ Frame BA66
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
391 B
345 B
Document
General
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
bcd3e5551b1b124d71a393467a4f48238ae52dfc3843f793c374b684574faf3f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 13 Mar 2022 10:31:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900024.redintelligence.net/ Frame C1A5
7 KB
2 KB
Document
General
Full URL
https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9865a78d9e&subid=&uid=4dc75d1110bb3b3d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D&documentReferer=urn%3Auuid%3A52425aa3-28ea-213a-5876-213a28ea5242&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6320327863626&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cf07f4e2b9da5553441038123a2ff2fb6312d9561dc698248f6d59718a956432

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 13 Mar 2022 10:31:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2081
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 1389
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B
Image
General
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:37:18 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CE9:7DE1
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 731A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FCE3
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f12f9c973246403ba908674bd2848ac00239354fa1521217c5c103c1c0f5200f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eS+sTDDCgoXlqEMsf5Fetw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:43 GMT
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-eS+sTDDCgoXlqEMsf5Fetw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 2DFD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=1646061999790071&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

truncated
/ Frame 1389
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dca6b47d1b1344b8dd75f53684acb1030b705199079a5419e9db1140a4361e19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 599D
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
css
fonts.googleapis.com/ Frame C1A5
1 KB
419 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 08:50:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 10:31:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 10:31:43 GMT
/
hal9000.redintelligence.net/scale/ Frame C1A5
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7bbf02d07a9047481f569d2705cd1a395da1c314f0b19cc96558ba97c132b6ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16247
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame C1A5
15 KB
15 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/TRG-march-panini-games-banner-1200x627.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
61098cc685e1ee432a4f0898efcc830dd9375b97788ee674519c774e418b6361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15217
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame C1A5
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
527b4867bcc7b8a38fac16fea9cc147439ccbe2bb0e23d194e152d1f8d65d154

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 3F7E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqcvRDsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoEwwJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC9ALimupzSGx3o_2QVmGrMWftIsRDNscC4UGHj9-WNMwavjB13WN-AEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=xVLhPC982y8&uach_m=[UACH]&cid=CAQSOwCNIrLM1fCF1lfqcNdgt_VYdzo37thKvY29nzGJeQC4g9tPk-8F33zB6ReTp8ORYDne1p_ZdQENs3vkGAE
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

winResponse
prod-rtb.ad4mat.net/ Frame 3F7E
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gsjv5y56kqpqrv5j270ejcfw16gmf0ncs9deysydf84s57ysm0hw1zvrvscawjbyemc02sm41vt4ed2a9194eh7qbndejjkfwzmyn8b9vjwen91bke4bvjbtfabfenxyv5670zcs65qt5ys9q1dvzzb860kwjdd95qhjqjnaxv55xa1tzb8y2j8gx67yfdsfdwz5j9ahympmeagraq229cf13p6dp34ge7g4bh8eq4r1wae43g1vbvagma388gvqesbwnwdj2sndpgjt9jjsahqwnh95xae774be7753ch0z5vwrb58mky3ztemy3z0qvm8r2xkm2x5gs4688n3g4c63twhxasmq2470920vq6qp4df037cw66zxdt8ghcqyapgv5spq0fx9t5jv3zthywf0zryyrth4r&b=Yi3IDgAN08sKd8GDAAnIwn70GCsqXAI6F1P58Q
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame AF83
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8731cd02a2e9466c545c3b8a76496a9550af2816014533927223bbb51cf2ce
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6eb419ff89178fe3-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 3F7E
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 02B3
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 12 Mar 2022 13:26:12 GMT
expires
Sun, 13 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
75931
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F7E
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 3F7E
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3F7E
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 Mar 2023 13:19:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DFC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4MztDsgtYvLjF_64x_APlPqI0AsAAAAAOAHgBAI&bg=!8fKl8rbNAAb7UztL-1M7ACkAdvg8WoUW4t_sR6LonJsiViL71TnCtHmfLgnYyqXydcOJs9YPLS5oQgIAAAEpUgAAAAFoAQeZAyyyfgvj5zh6a53yMwbUw9jdS3CgskUsyMG93kL9l8q0DTH-JG3-1QPzr1cigMTASh47T-JVYCXjUnQ5pPzLA-p3ae0_dyoGItFyPCH555n1etNgNJsydfox_870fIGlNC_gnwdwNGXq-VHJMOmLmoGgbKLnlPFJ_vd22hTGXC1KA44k5iUG11GiKtntbrNMKCSGtUputwQ9DrMACxPz0_pr9OYWKA3ibiMt54uhPh1ZkWSsWpHovfht1TS55YYZuimgknzyQDZAdSC_BFAkHETgmGcysUsJHsppu7-EhmLy6UQ5VPkmYtX9Gq1JV90bl27YGMxdKtbrpdRH442K5aTb2Ewe6es7VUGTHMWzvHm1r3cVfK4DgtmQHnVuiABBYt4qJZnFHZGGMIEzf475plvYm0NPt1-YnZmJARrtZQsQFm7k8bEUr-_RNCldYBCjkYK9Vh9cO3HMmZdABJaKqyoHRinG0CSxkxqdcFexR7n67-p9Fab8oCIRbaW29SGg3MXrTaUamWelQs7hSNU3TcpMIsw592hlv0yFGZ-Fn475203Kl4jeeRUDCxc0ASKIVmSOr2TSbzDQRTZcbNaueRohmh81ZA_mIm33y7GmE-9Ve4jC-vS5ntvEz_Iv_SWdMa7XJWlz1PprxB6B7HsKCGgQiArzjP1HJ34Nix6hvg_bhUO5VTxFI38H91TEiA-0wzgmngk6fzWwNA6k3KE12jc2v85u7-_NB35DNeYUSlQjwy1jUvc3pzNfwP117IuKbASgMmG0NrybAganGeBFl9qwwc88OKzydZ3Wz0QF6Oa_WB6qjd-H_VXBYVKinA9P5E8i5-XIrVhFM-3S3mRkCdDUToREospXkn9Ryko8ix_WQps9InzhehQl0x7UtfNZ5oaR-i1gN0D2N1_TUMEfJ_YLX_0SJd7vjYJOnLt3gDahd-P7pgpM4P7UdRvX4uD4P6ZiS_5AuUH2s6jcU6qGpW4R1BlMzOIrGJoXTcwYxw8m4B9Sne-T0yj77wTjvUE8R-g4fl2gDUW6BN-wsAYLZYnk28LYiX9uA02mWqw5GCT6ics32vV7I3W_wC8tuQ
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
adservice.google.com/ddm/fls/z/ Frame 3188
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 58F3
6 KB
3 KB
Document
General
Full URL
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Mon, 13 Mar 2023 10:31:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/fb0fd80144dfd0ee2f04265b273539db:66d14c4ac13062f832c1780ef07f62c41bed5caba8991b69918c3acc0c5368b4ce3d22abaff21b37a8a5800cf506df9130e8ce22c5c2693d6817f4f77dd8c66ae6ae40ad2ebba34... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/fb0fd80144dfd0ee2f04265b273539db:66d14c4ac13062f832c1780ef07f62c41bed5caba8991b69918c3acc0c5368b4ce3d22abaff21b37a8a5800cf506df9130e8ce22c5c2693d6817f4f77dd8c66ae6ae40ad2ebba34c2f7df906a1a62949e454ea7f3bf319917a94d17b3bfbaa0dbe4c92247c1995389c9b0454189d9334628dcd5f8ac7a5274e1f9eda842b071a70d591a5deab3f32340fb5ba8514a7ad/i?id=3709af26-0fb8-4fbb-ba6c-cdfc1bfb96d9&ts=1647167503343
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
a72d9b1d-04f5-4aec-b35b-bb1f33180a1a
i
api.purpleads.io/x/a/fb0fd80144dfd0ee2f04265b273539db:66d14c4ac13062f832c1780ef07f62c41bed5caba8991b69918c3acc0c5368b4ce3d22abaff21b37a8a5800cf506df9130e8ce22c5c2693d6817f4f77dd8c66ae6ae40ad2ebba34...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/fb0fd80144dfd0ee2f04265b273539db:66d14c4ac13062f832c1780ef07f62c41bed5caba8991b69918c3acc0c5368b4ce3d22abaff21b37a8a5800cf506df9130e8ce22c5c2693d6817f4f77dd8c66ae6ae40ad2ebba34c2f7df906a1a62949e454ea7f3bf319917a94d17b3bfbaa0dbe4c92247c1995389c9b0454189d9334628dcd5f8ac7a5274e1f9eda842b071a70d591a5deab3f32340fb5ba8514a7ad/i?id=3709af26-0fb8-4fbb-ba6c-cdfc1bfb96d9&ts=1647167503343
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
6de49936-a4a1-46a5-a8f2-020c3b65e276
gtm.js
www.googletagmanager.com/ Frame F146
83 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5aa62593f059da36f7a9c7afabb0e0b9e6d35b60340684d40672e36e7205b4ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32743
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 13 Mar 2022 10:31:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A6B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030201&jk=419646701581709&bg=!zM-lz4vNAAb7UztL-1M7ACkAdvg8WrKnLidBPomgy8EEMuNxZZ1SCUmBRdtnDW_Qky5rsjzvWIXcNwIAAAFtUgAAAAJoAQcKAF5wyoeWJpX5ydDnOEctO12I0ABk46ABAxzo9VRlt6pkb22_lPQBQjJPxtrLFwTD8KtWYnbXYPbMC84KTvIfLV4BEPh3pvx3coO3QPpm-YN7xjmZSEPxajXF9aJT9hVrmQLdAYDR5Miww2dg_a-4bsukDBJNymJgIjN910FjV4HitQ75iCQpgWMNE4M0XZ5f9A--6DGdcAeUO1Z4TIOyEzRwzhUJ8LtdM5pn5SWBGkYHcDbg9RNHblwgYYkguFtAaQOWtR5MFFR6pZHi6e2PAqoadJeUvQz6l6qDqHp4xd6BssBmNfAQiQG4I6LaKv6dRQt-0C2-NjS7k3S-MYIN7FnfeqDg1bppRC1F5LGbfWc0MXdb3KB-PGRyArRYMvwGpYJPdHn_kJOnXmBRU-02wEMXMUrSxjWE2AmodXEFWUz0Mnf0FsPw5JltEABkpA53fmYMkpwpCN23SlSSygLDoQzt8Jj-iYNhPJqILoQBsWqNnIqVLSXgZwgJXxKjr_Cgv70wzU1IBAvNz7HZwPHCNVJtGcOkyKq1JaJO4Tbz-wmgr8iWtFe1OSiJGoDCkAWuw9bds5r6kwBDunoT2c7yfWFMAujhloeVPmp6Yzw05yQM4x1Nf7ZFpauUfNFwQd3NL3jpA_k1lHHLrC5i5KT3toiicKN8Dnn7YKapoLm-bJYO4N0xGeDJNYJNNMG9Y3KgYybSXVKJLPNiLEQkaVK4ZzcJ_J8-9D7UBNhbDPHaLBMYa75Z6usm7YNX_8cxGgktrssTSwFhMwLE-EPStCpIMC3RFwouYlxoTYgRZOLvKjsXb2_JPmaH5Mq8OL9VSuPxtmCEzi7rbsb5m2OIbNp_mz6m6gKaCj7tyvh8-lEOULGyWnqiV8c5Svde5D3dWwsEjGfJ58l_vjC6X5avM5wx4eYEg_ZzL0vobnJ40Y6-QCRH6Cu8qkRhZD05T63UBqn87BZYbDNKDjGcqDFY5b7oVN72_JYRuKAH2_TuIXqn83vfVCLs2lr-rJnfbATeIYoh-Xf1rKyvzmeR08cTzw7JvG7buxnJicZvTN5T3mLFxsChQmad8wM5SmL9nt2w8i8lg1G8Ap480J84ZSsvafPalw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
adservice.google.com/ddm/fls/z/ Frame BA66
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame AF83
81 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
434505
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Tue, 08 Mar 2022 09:49:58 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6eb41a005afd92ad-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame AF83
35 KB
13 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84597
x-guploader-uploadid
ADPycdsr5n4kU1rNLkiSrbRzdMb-9DabWoAfQTOrTOqZ3NYXVgPrNi4N3t5dVkDjvEN376F-ekn4TmbIv9GEx6HzMco
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMOC3yZqVKBcCwpzUvNgUP8pKenK0uEoM5F0PzWy4QPGbJMj9rFYHiDuOz4TpWy94qTOOwukC6KeTaIW%2BPo4uLVWNNh%2BPB85BQve0fQu42hn%2B0C04ISKm2ktRwuWg%2ByIH5Gkqqc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6eb41a005a4c8fe3-FRA
expires
Sat, 12 Mar 2022 11:01:46 GMT
viewability
hal900024.redintelligence.net/ Frame C1A5
0
150 B
Script
General
Full URL
https://hal900024.redintelligence.net/viewability?s=49610700065596000710612011897024&a=9a8a35a8&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54FA
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt_eFDsgtYpf1BfeQjuwPxM-G0AwAAAAAOAHgBAI&bg=!bW6lbirNAAb7UztL-1M7ACkAdvg8WqmILPAy-Sxev6wCjjsvO8ZxiHw7kWum6UZaEFXC0Jwd-OGq2gIAAAE0UgAAAAFoAQeZAyF7mc64n4U-Xg84nS63UjOcHqeeYw6gy2LOVVtFIrm4XuWLVizAI5JJa1eKFz4uBOdhOxiLff-prpY0ONgOyit_HN-zw53nY0CS4Zeojl_eWkZyK85YgJe1YaoiY_7G9Z06osO1VzNkH6ZiQCVnOAbVzKVxmXnAelg3IoMhNijTTrGrj_I4wWwJTDFSmz_uXrayBgybHsljCH0ndd7TCcouKKGpw7a4jkkfcYplXtCANJLSb-c2pM9Y3O2bOavLs2H953oddDqgFFeWcJqjYikcPKEM0s7spWRilmBbum8o8PLvl6iKjAe_u56cmo7Ud3noOkzmSv32k_AZkzhmy4GvY4TXsDbiSSfSxLP1PVXndikFzk-EpK2OIIAWnjn4MODcSal7OpQJqeN2gBrqTZFRv-nRdmgASSaN5a836UIA68j-PD7w0LxDSQi6K8VNM8g_RbpUCFLQUUETb1svN-d6UBsiBzKdkm5yIwciWXbcHBOExxgAQ4N5FnlDKJJZgpWZUDsqzrCTh2xOD-TTnaxWIv53_L6uNgOWMDnyS_jo0FDw6y_5ehBDVEDRwmh7vzvVQwyBly3VB1q7GQv52I-457O5c4lrKdsJHO9beeO8Pk8yGFY9LR-4ATLzJwQUPCzRi4DTIsFfUHHcLMMfNBOV7tVab1jSq4RdHAg9OkUr-Ml5OPnyH_tTgczAjlbcFI0egkciu-G34XTj0QVEdTPx3wUsXEBU18UAI1GwCDUF4E-IBahOk-DVeV1IEPUIXdt4_gI35QkftSlwFGm40MDf6Z8dsB4kYfL17W6SljwmbIozUCC-B65XIGadKq05Qg7hx5ZWKCwvENWqlMC9qjbLq_qS-biYsk06lDX5CcbRbWkf88iYp9EHDaFC2iNnvM_A8X3CvAliJ2OXHOZ6x1kSRTflL1WnJdnwGkrRQCEvW0Tdq3Tu3EgNKYCMf1UbYZHOXUA2z1Tlz2wLDL7qOhEzK7Hcx2T_GPmXR7XAFJlG4Cgo8IjgDxrfMlvu1cvazQEpX1aEaEwnCA__ZDrP1jVfW3M6JhkDSp3cdCvJUWUEkjk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 468F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=3217454138234025&bg=!MzClMHTNAAb7UztL-1M7ACkAdvg8WrJcbihNdVfKSCyz1M3rRXqPy56ijZiZu0cSNHFJvliQENybbAIAAAF5UgAAAAZoAQcKADEHHxmlmH-7rFaz-RAHfAC6Paz4e0jqCO8H0jMPD8X8zKJvDHcsIdAcC5GDtfxGqXr8mQLgFlh7_qUTlK8y5KlpCzIQ_jaZquonjqT9uHhtihn4OlYLwyiVdYx62pxZKuQbfxztNeEVE9mh3FFQDIGI0SBQHrCbzJe0mcPUhHWIlfFbbGadXeJib6MYFT4_dbw3WZ41RgiFcCdhrmqaig6uZIgFqiVbgv-A8NvKxRDSNDQzIALqIZYEAZBlWViSJQ6AfudpMl0ek920_RjUpBEFbiUuICROxxuoRT9Afnc-ol8kG0GAzMISzYuUxsR0iPB3QjBVq79rENzYfIlVwQY5GZ2iDEyLuzoA69mxy1h49bEumV3brPdh3LwVvgnIyey8p8C3TVjtRgIuArxTI4IySUAyZzD0BLi0-El2sGk5TAOMEiLs_jNrVX9WtT3KN5mitolYBzpsCb3H3id98N2NkKHQjJ2vuKsYR23N2REic_ASTCpaP15CawLpoU9iUCk4K0i_fCNH3G9_U1iYcQXXpujLGU7ZjqtL-B5On6HT56K7vGsWu8zFeiFHctcxU9xc1JGcp7lYuguAbD3l6Un_jj5Is-SqMJm2HXtD3TomcmTh52MEn7UQZ4AcQ3OF9wfnRGQ7g8oS3oRPreBDas1ZxpbIIt7K18SY2EkvYb14PQPlt6NUgkMHQkHZxOL9A_DJUaYAyLQnf85jqBJYYcSC0x4GyhRayorMFAd3TTN1GjAQi8hXrmliTYZ9kTenDIKhT1-EKt3QgrtYVeqMKpvfUU0hqwelFph4cIeS6k49v-Pn9iUfDXt-wc-rSpZhmVtbulc__Qiw88fDtdNtQS03mLtdxX4dCEmYmaZQskYlWCig6a-5hLf-477cWfpwv4QrdUkG2Zk3DNSg8lUN0aVHy7xZ2Hpvlg7-tfLkgKNvG4kTzJy-KnQzNzw3uErpTEnfHgzYEBEB7GABwU8vwVruw5YkXXvp2wgI8AekbjD9KYqd01ge9FkM3vAuu7_peQRc2oqoVFrqjcFwM7cFWP3wWoYjcw
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FCE3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=2612437989791563&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

viewability
hal900021.redintelligence.net/ Frame 035C
0
150 B
Script
General
Full URL
https://hal900021.redintelligence.net/viewability?s=28434000045773100757585011897021&a=ee9f4a81&vb=m
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 035C
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 3F7E
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d970eb0d01e5cc2cc4d6582c21de247cc49537cbdc5ac5bfe831f91b185b93c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame D687
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=3329168481610479&bg=!NDelN3PNAAb7UztL-1M7ACkAdvg8Wl4e6BIZly8ROG6gJ7PxnHhkjBXdca2VhJiYRT46virkPXuOgwIAAAGHUgAAAAFoAQeZAvb7-RldjhfpjDz6TpShwefhNjQB8iILFbY4xULRZpm7l-d7oPsmkX0ax_-3YriqMalcY1_nURXH6NqqGttc8C4Umns2t1IAqzINZ8d24y2m7IaKgZBXJyTNWqVxRbFc4OlmxqfsoW16JeEpxiQz7kuzz5luxWGFBSA2Yk8hDoV-MKZSpVEztKkOPvlaJsg-wql9x4VPJoh-0qkwmi10YSmXqlur59ruCxNMsUo5bLlNft0nyT2tFF_Im2mKq64EzRQw_AOPqEwS7s1AdjE_Axk2a7SKrpl-Qv29wQIGA8YXK3U3R5-H4Sl3osnSLnYqUkCjwgW94wfJKGsawxkd4u66xEIBIhT7MEu0IURoWmToE0x15icr0ZkwHoCbbCROzVqm708DytZL_J4ooIeSDMkam05ISiNyXItdGekvDm5GhDSJVoNUz78-byyHzjRB53HFl-Fo1Z79pv9gtEDY1nWkvf3ipg3xGomtjNvvRCQjOrbGarbfpcV2LrmDrc65pN2NGRDvUVMKl91LBELBnOTvJkSCBwueEGrzFq4xN55vkKFXokgr9R5WGF0jIs_rS_IZnKk7i3_DrQAgZhQs9JVQjAzCbmI1c-WGjDydH8U0YS2sdzpVk2uMBneTBWv3NFkLpnj7LBGgqk81Khng4Y-vJENL9_XVYTxF_WYBTPatiSAkwbp6PjgyEpJn8fnxe5PqwKh9REt5JQatXNGuYt1ZVx7h8q_Q98daEKfDbDoVr9vLvsa-PViDnBNEIilS41TP5lNDa9negIbOuWXh7j6tHqBM1bbWE3sHFs8XOw8D6NnKZoDTDIieZvXlL5VXW0bYiIedKwW2PCpZYaD_3z64VARHVzyeLvHf_IPvvXPqP47h0wJGaJ5fqq_iuSbwF19F7-pFIYO0vpZFAfuR07Cq-ZY3zmWjtHHnr4MFycUJasFRyIgF-b0XLDMRf5ONhLcjS0DA3mJYjeq8fL9q0dv0NsVUdnIDDWs18BJJyxK-RAtXCHV55g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 02B3
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGDWg58LHjmB3HANPRShags&google_cver=1&google_push=AYg5qPIaek2suXL33eLQtsKgL6FjR35oWqy5y6sjMQByN1_RzdDOI8w54mJOt-OKBaQwioM8f9X5YzYYDIKrTB96L2PIO_NZzl1I
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 02B3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBsOVFFJwgwK6eSL4Pc7p1A&google_cver=1&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vf...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4&google_hm=ODkxOTM3OTg5ODM0Mjc4Nj...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4&google_hm=ODkxOTM3OTg5ODM0Mjc4NjcyNQ%3D%3D
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Mar 2022 10:31:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4&google_hm=ODkxOTM3OTg5ODM0Mjc4NjcyNQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dot.gif
s0.2mdn.net/ Frame 02B3
43 B
65 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGDRWr1Ot14SxIhBK0kw92Q&google_cver=1&google_push=AYg5qPL0RXOcmgfDLZoVrNminxN8JqC2vQsCxNbOk5FULUFY8SVv6utEZqyHlHGr7tIJ9DKqLS18oNEOvUYKCLN-zGEsEZ1asi-4
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Mar 2022 10:31:43 GMT
pixel
cm.g.doubleclick.net/ Frame 02B3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERew...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDls...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 02B3
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECaVOaymelfgeYrYconjxb0&google_cver=1&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wD...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 3588568928e677ce9bb8aedfd6e0ea04.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
TXL50-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
lbkWK7RunZwyvyVbr3dbRAabMwrWsG6-1haDRM_8l6vAU-xgjwhPQg==
pixel
cm.g.doubleclick.net/ Frame 02B3
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEJY1tLtEy-9ksqRc5cMn87A&google_cver=1&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
0
0

dot.gif
s0.2mdn.net/ Frame 02B3
43 B
65 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEEmccsdUEI4BhjEHQ2SR1Dk&google_cver=1&google_push=AYg5qPJP1bZ4cAfqCv5hAWhBEB5RsejcI6MZFoOJnt0-nzz-DiwtKiuogzCpAeeD0Cky1_vkYrtAzReciDWiAfQaDTiEk4h6B48zCw
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Mar 2022 10:31:43 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 02B3
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOgtmHuv8fm2kfBXdNWikOG5TbShRkSOiTmdrLVh_HLKgq9MpRKVvk98B_QHHCYDoFIS7QAQ
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame D643
640 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:43 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 58F3
27 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds2IxQE0Q5Fwzby_chYMgFPpwytYHgmNbYmzvHOcYwQafkijQM5usb-bq4i3RbKmBBfFiJMchUZdldRxCsFjdzb8xW1SPmJcSrCzzIhSMRwBopK2YSm3kIGq89z-E-Gr190IgR8gEDZq7gGMP62oQpC_Tx0Q&cry=1&dbm_d=AKAmf-Av9Mj7sxmb4yVZcbid1w_cTWuCFqF0NK1pBKeWDoxfwCeT_h5v2J7q3AZQd-oW5MrMVvD3xN8bQe6R6ujpB2TrN-rgQLidCpGmYrxM7cYVj_xBPrZ7zoryxnEHRYjnsdW6cKZTUvIY80OyeZAGSd9RcT7TBEDz_ewtU809lb6Ak91wBP-xX0uDY1VVzLvnmINa17hp0lCDzuTqIy7pHs-GDuy6MZqiFwsAt9bATiZS8yooHrDtjBau5w1pdTlHikgMAPbEkw7xOneXYCbNfQlOydhvpI9Dt9SEl60FWwkI9WeZI2O1a8Wl9ZhZoWmp3uDLNRt7V18fT8QkshbTQSyOEcr0LiItyR5vRAMyGTotvSghhPBGYVpj5N9DeXZ7RLVLsxqDmMYG5qjccUsxQHrqYoLNjeyBr8rTCTt23oGTgnpsm3UeSj7aTJ0kHbkwcfoB1_VvQXo0KyApk4bg1jf82BCOHzjav5MHuX6dducJMygTjLpwp6JEUCxwxMhwM39K-gF8nKjdSPPBkSwwDPxN1abfFcO9C5UVo1MZFo2KTuXGe4LZya2ABdRGGiFlK0f_BxlEnskMDfXiFuGaOaLnbyNQ5xkThX3lCZWgB8QGV29LqHkJwxBRHNPfK1aLPSK0MujLye31PeWpcA1XPQsqd-o97Z9fT7Upfa0dDP-IbwN-GvkRQx51j60RDZOIciRIvF-G6fSkkBKI5R80FBbUIn9yg7OxYiJ4CVPk-DP1oLbl-0nhXknFVfvQ_GLhkihsZ88PUuWMbxOU5IxWcNxxp2xadAwiX2Zo0PD3vjcScf81halr1BC2ZIawAVRtsJTl8f824gDlsVG60gPOm1EGOWmPzfPTYru0DiZgg4XcnMLLlMPFdUrAmXkrBKS4BgiKs-KGlQfrARRQsG4YmCmO0tr1-hSRXWg1lo-UP30AxfHQLHiTiLEyftvu5DThoQoJMYuAmSNmamDFJuqi9ovo6wypOJwH26RqyzgV2XkGCikgOJl-Gzo8vx96mi40KFwkLorSY6pGTDTIBfYX8_j0j7T3k8fjZU-X8k8jQbDjpymGXF_Ap9VYExA1sBln_jUOn7IAjoQOW7uh02gzIzAbTMTqJsXPd6s5xz6V64epE5pK4d0tFVVeaDQSTYdPCld43_AzfjaCJM2u9tPEfcjFga9TFn_KQTNKH15o5NgiXFcNvPmEf-WgmPE1-flrzagKIsoall7Fkf8qgNw6G-0ZQGFJuhPm5Bz_uHRd2uNFOahfe4oNhREZRlPiAQX43Nx2iNboSsqyB5FQT3RoeonxV1Osf2g2h1K3Nelfc_UwGCJfJ-2CAtLrnSImqEeFpFA-EHS_eNp3ME8RHdkCBT6rbePkj4ksyiwdS7O8tEVYu1XM0xtEdfojHmK5WDvjN-1Nod--fCqHHXqgrOdaRhbmaiJNpzVKM9DIjf-avftPlraMBR7ORTDDkYFwXgg250-FX4SMcMjSgzumZpAYz7Rb5h3rhiCZodVOqQHmg4u4wuGBgDoaKoJQ8A8bsAU6oSB0j6StR1qK4R9tDTJYFC86y7nz90cO1RJIfyP2oZxrB1hOAPMnjZHtR4LAdomZzr7HJr1uI6Qe39O9q6Hziu3Q8YSgRzR7HVRF0KHsCvKMf3EL7kvgGMRAkJ6mxNR70-Nn2493-2_zuCyXAep0UEz3E0iPV5MEMMg7oSFEu1mj2Om8iIUPIOFzshwN2uXWggkqmTfh7TNSsCnLJSEXBvbri5psIazBfMG304_xuwHmf4sE9zTExS4ndnmmMZsyivKaH8NfjJIl456qonBWRdXs3OJUn8MM5cwpYvnbSeUu_aR6hN1Jv4IaIhP8MtwNBW5jwhrQlRjeV4Z4PvPZk71mFgyBQieecllFm1s1hh4ggF5hSb9UUN7fC6zMJpbNHPeREn9TM6VDvQNSmCA6nSI_QLQ8GcsB7CHsTnmSAHa98-bLfAFWtSw1wi4_c4jfUVKpatmAoBzGTldtLsjBjLOpznq4K6Rb93ZerzBRqTkaw1KOTh5MCyfbBJj-0T44WC8cAydzzqX2GQ-scrlybkZDc7pq2Vv2Yg9xhbl28rybO37qhrcRSD5HgnW3NHb9qi0c7CVGZ1nwApkkKXHXFItgiAHXoIRh1VXJvFysdhzYjY4sAAfbTeRkFTk8tzJL-liKDCafbPQtH47ukSjes1cFfhW7t21HfnY01v9j6i7PqwhercAl-gcSyPCge4UGMXRyzMOEkOnhQv3o36rO2cZLleLdeJZSo2fAxetGUA_zIaehxG62vwBKC9EuicS1SMymdts7zU-nPrRLW8ZPnM_gDbfEChueUODtuKg_IJasgbihzFQvyxq43pEll6ENM77huIswrfJWpVoLV_H7cF4LRUFBh2-DzG3Db3GuPnH4pB-UzYMhQ37kQhovYqT2jphLx6_Ns1agU79VETJICPfHP9XoLcGY3fO7Tw4mr3yxNuW6MxykT-PnhjPbo3BzdsJBDJHaOQsuNfMARWKkRxCWq0aju_i6jwMAVUkGjvuh14PzTYnnblbGKsZTdewlx1oIyV9bOjZvWcJrWgeypOGaLZcvMmGH7vi5JkTo1Zi7pH2aKNZeq7XE8gVxgMSogpwqFzEGHDVq_lJrtvbzBf6uSRPYYsgCo1Q_os9w3Yu8FbHXVL5opiOgXYcBODMvPZNDe2tm5ARBsgLpnwCz4w26y1WCRlqO7lhQLNjEp-_jzY0VeFYbkF7p9Qza3vdnqHchx8C43fMRAUrSPyMJnooje_fqYkOTgWAlHPgsZLHMxHCWx__dwThAcUMrdP4WdeYVcY32n9oCRZ0RAb55URFWG34YZsaxWrmmtW4NZ-dWBJ7l1gtkConoPMpypYDC82OBR1ORn0Njpu6e1s9qdjdeHlMHva1GJ5KPCmhjjmUhMHQ7yQUTA3oHUdBV0-1D_beCXEtaEuAxiabpbwWgc8vY-ndSaOZJSCaNyW613GlJcjNX_v6UZvEMaMNSwgzGIR17YiXjv_GCjGzftqFcsX8xfZBAhX7OGUyNPFA5d1gt60ik1Z7_yfv91gnuQAbbKcKYE9nVy51OmfUq8JNgy9UyCpjFfqqHsHhWClFK98n6Qssqky96X5qnhfVJIgsPrkiNUe1-1Ke3CpGD6PIiWw1FGN0aHvJZ8fj4usUNf3aLE7JD0_5mdpg0uMyB0DW2XbonDrFsliPT3aEIYokTkvHlNHNhQYPrzZ4tVyqBAED7mCQxOFozdASqrKxf7MNB2iQC9jTZ7XpA-sQteB2btGJe9awhXSCCqqQYV4hS0P0cWwgJA8A&cid=CAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972bb3d2fed74ca3b0bf9b43dadcda8c373ee8780816ba9b2ef6bd05da724138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16236
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58F3
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D14fOovj9kdYlmKtFhb9veg0DTIWcql6sxVWP_Xtv-OvuSgB3QG23Nz0XM42-T6RDwzgYcJw1sdJrSnEVvTwhW1Md1nKyp5wdJVLmy6EeyntGygdQ
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 58F3
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 58F3
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 58F3
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 731A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
pvClk.min.js
analytics.webgains.io/ Frame 1389
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432255&wgcampaignid=99582&js=1&nw=1&viewref=49610700065596000710612011897024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-214-118.arn56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 a626e6748fd7659cdc58de81924341d6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
20319
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 13 Mar 2022 04:53:05 GMT
x-amz-cf-pop
ARN56-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
qQamFUM2Iw9cFp-mo6wMzBRFS--AQ-nE-8NhvWudTqyNzmfWVavzcQ==
link.html
track.webgains.com/ Frame 1389
667 B
1 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=85444100055291300710744011897006&wglinkid=3432255
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
667
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 1389
3 KB
3 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=68500500049724200714168011897023&wglinkid=2513135
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A183
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 395 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:43 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AF83
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4071785
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhVGePHQySvlxFMYa7aT1%2Bu%2BUU2ln9AK3OrXvWlbGYxo9PhCIlXEkLC1%2BQL1qwJxWE7yFcjE%2FKI2dhAPs5S0rbkFdj99JvgJRe7qWWbgFE7njGIFl3l%2FY0UlRH5IaVKzplWMaKvKymZEeG71L9ai6ecF"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6eb41a014b006987-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
frame.html
ad4m.at/ Frame 6E44
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdtyt0YYJGM7L4Qh4KppAxdHUa6qSHGwk_MVt1bnpkWR4u_j_tebe8lZvHDpkzKsfKnRm3Uay31h5MKGRnI-yLI
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
expires
Sun, 13 Mar 2022 11:31:43 GMT
cache-control
public, max-age=3600
age
1385599
last-modified
Wed, 06 May 2020 15:09:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x5uolaF6IMWcRMD1dlHb461wKWtq5YQK0PlOBx2CCj%2BXRK9lpQF7cjR3ae0frjfBpoT4uyS2cb%2F1CO3s%2FGX1ytTuJqQ3UOVa4KdmICiCASrpCl8J2J2QBIlwxYGmTtkL1%2FTX%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6eb41a012c3692ad-FRA
content-encoding
br
sd
us-u.openx.net/w/1.0/ Frame D643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHee0S3eXCOUVExUnUTiT0w&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHee0S3eXCOUVExUnUTiT0w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHee0S3eXCOUVExUnUTiT0w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D643
43 B
305 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENxXkIwzqlFKOT9ZyG0HuYw&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENxXkIwzqlFKOT9ZyG0HuYw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Protocol
H2
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 13 Mar 2022 10:31:43 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESENxXkIwzqlFKOT9ZyG0HuYw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D643
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 13 Mar 2022 10:31:43 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 58F3
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds2IxQE0Q5Fwzby_chYMgFPpwytYHgmNbYmzvHOcYwQafkijQM5usb-bq4i3RbKmBBfFiJMchUZdldRxCsFjdzb8xW1SPmJcSrCzzIhSMRwBopK2YSm3kIGq89z-E-Gr190IgR8gEDZq7gGMP62oQpC_Tx0Q&cry=1&dbm_d=AKAmf-Av9Mj7sxmb4yVZcbid1w_cTWuCFqF0NK1pBKeWDoxfwCeT_h5v2J7q3AZQd-oW5MrMVvD3xN8bQe6R6ujpB2TrN-rgQLidCpGmYrxM7cYVj_xBPrZ7zoryxnEHRYjnsdW6cKZTUvIY80OyeZAGSd9RcT7TBEDz_ewtU809lb6Ak91wBP-xX0uDY1VVzLvnmINa17hp0lCDzuTqIy7pHs-GDuy6MZqiFwsAt9bATiZS8yooHrDtjBau5w1pdTlHikgMAPbEkw7xOneXYCbNfQlOydhvpI9Dt9SEl60FWwkI9WeZI2O1a8Wl9ZhZoWmp3uDLNRt7V18fT8QkshbTQSyOEcr0LiItyR5vRAMyGTotvSghhPBGYVpj5N9DeXZ7RLVLsxqDmMYG5qjccUsxQHrqYoLNjeyBr8rTCTt23oGTgnpsm3UeSj7aTJ0kHbkwcfoB1_VvQXo0KyApk4bg1jf82BCOHzjav5MHuX6dducJMygTjLpwp6JEUCxwxMhwM39K-gF8nKjdSPPBkSwwDPxN1abfFcO9C5UVo1MZFo2KTuXGe4LZya2ABdRGGiFlK0f_BxlEnskMDfXiFuGaOaLnbyNQ5xkThX3lCZWgB8QGV29LqHkJwxBRHNPfK1aLPSK0MujLye31PeWpcA1XPQsqd-o97Z9fT7Upfa0dDP-IbwN-GvkRQx51j60RDZOIciRIvF-G6fSkkBKI5R80FBbUIn9yg7OxYiJ4CVPk-DP1oLbl-0nhXknFVfvQ_GLhkihsZ88PUuWMbxOU5IxWcNxxp2xadAwiX2Zo0PD3vjcScf81halr1BC2ZIawAVRtsJTl8f824gDlsVG60gPOm1EGOWmPzfPTYru0DiZgg4XcnMLLlMPFdUrAmXkrBKS4BgiKs-KGlQfrARRQsG4YmCmO0tr1-hSRXWg1lo-UP30AxfHQLHiTiLEyftvu5DThoQoJMYuAmSNmamDFJuqi9ovo6wypOJwH26RqyzgV2XkGCikgOJl-Gzo8vx96mi40KFwkLorSY6pGTDTIBfYX8_j0j7T3k8fjZU-X8k8jQbDjpymGXF_Ap9VYExA1sBln_jUOn7IAjoQOW7uh02gzIzAbTMTqJsXPd6s5xz6V64epE5pK4d0tFVVeaDQSTYdPCld43_AzfjaCJM2u9tPEfcjFga9TFn_KQTNKH15o5NgiXFcNvPmEf-WgmPE1-flrzagKIsoall7Fkf8qgNw6G-0ZQGFJuhPm5Bz_uHRd2uNFOahfe4oNhREZRlPiAQX43Nx2iNboSsqyB5FQT3RoeonxV1Osf2g2h1K3Nelfc_UwGCJfJ-2CAtLrnSImqEeFpFA-EHS_eNp3ME8RHdkCBT6rbePkj4ksyiwdS7O8tEVYu1XM0xtEdfojHmK5WDvjN-1Nod--fCqHHXqgrOdaRhbmaiJNpzVKM9DIjf-avftPlraMBR7ORTDDkYFwXgg250-FX4SMcMjSgzumZpAYz7Rb5h3rhiCZodVOqQHmg4u4wuGBgDoaKoJQ8A8bsAU6oSB0j6StR1qK4R9tDTJYFC86y7nz90cO1RJIfyP2oZxrB1hOAPMnjZHtR4LAdomZzr7HJr1uI6Qe39O9q6Hziu3Q8YSgRzR7HVRF0KHsCvKMf3EL7kvgGMRAkJ6mxNR70-Nn2493-2_zuCyXAep0UEz3E0iPV5MEMMg7oSFEu1mj2Om8iIUPIOFzshwN2uXWggkqmTfh7TNSsCnLJSEXBvbri5psIazBfMG304_xuwHmf4sE9zTExS4ndnmmMZsyivKaH8NfjJIl456qonBWRdXs3OJUn8MM5cwpYvnbSeUu_aR6hN1Jv4IaIhP8MtwNBW5jwhrQlRjeV4Z4PvPZk71mFgyBQieecllFm1s1hh4ggF5hSb9UUN7fC6zMJpbNHPeREn9TM6VDvQNSmCA6nSI_QLQ8GcsB7CHsTnmSAHa98-bLfAFWtSw1wi4_c4jfUVKpatmAoBzGTldtLsjBjLOpznq4K6Rb93ZerzBRqTkaw1KOTh5MCyfbBJj-0T44WC8cAydzzqX2GQ-scrlybkZDc7pq2Vv2Yg9xhbl28rybO37qhrcRSD5HgnW3NHb9qi0c7CVGZ1nwApkkKXHXFItgiAHXoIRh1VXJvFysdhzYjY4sAAfbTeRkFTk8tzJL-liKDCafbPQtH47ukSjes1cFfhW7t21HfnY01v9j6i7PqwhercAl-gcSyPCge4UGMXRyzMOEkOnhQv3o36rO2cZLleLdeJZSo2fAxetGUA_zIaehxG62vwBKC9EuicS1SMymdts7zU-nPrRLW8ZPnM_gDbfEChueUODtuKg_IJasgbihzFQvyxq43pEll6ENM77huIswrfJWpVoLV_H7cF4LRUFBh2-DzG3Db3GuPnH4pB-UzYMhQ37kQhovYqT2jphLx6_Ns1agU79VETJICPfHP9XoLcGY3fO7Tw4mr3yxNuW6MxykT-PnhjPbo3BzdsJBDJHaOQsuNfMARWKkRxCWq0aju_i6jwMAVUkGjvuh14PzTYnnblbGKsZTdewlx1oIyV9bOjZvWcJrWgeypOGaLZcvMmGH7vi5JkTo1Zi7pH2aKNZeq7XE8gVxgMSogpwqFzEGHDVq_lJrtvbzBf6uSRPYYsgCo1Q_os9w3Yu8FbHXVL5opiOgXYcBODMvPZNDe2tm5ARBsgLpnwCz4w26y1WCRlqO7lhQLNjEp-_jzY0VeFYbkF7p9Qza3vdnqHchx8C43fMRAUrSPyMJnooje_fqYkOTgWAlHPgsZLHMxHCWx__dwThAcUMrdP4WdeYVcY32n9oCRZ0RAb55URFWG34YZsaxWrmmtW4NZ-dWBJ7l1gtkConoPMpypYDC82OBR1ORn0Njpu6e1s9qdjdeHlMHva1GJ5KPCmhjjmUhMHQ7yQUTA3oHUdBV0-1D_beCXEtaEuAxiabpbwWgc8vY-ndSaOZJSCaNyW613GlJcjNX_v6UZvEMaMNSwgzGIR17YiXjv_GCjGzftqFcsX8xfZBAhX7OGUyNPFA5d1gt60ik1Z7_yfv91gnuQAbbKcKYE9nVy51OmfUq8JNgy9UyCpjFfqqHsHhWClFK98n6Qssqky96X5qnhfVJIgsPrkiNUe1-1Ke3CpGD6PIiWw1FGN0aHvJZ8fj4usUNf3aLE7JD0_5mdpg0uMyB0DW2XbonDrFsliPT3aEIYokTkvHlNHNhQYPrzZ4tVyqBAED7mCQxOFozdASqrKxf7MNB2iQC9jTZ7XpA-sQteB2btGJe9awhXSCCqqQYV4hS0P0cWwgJA8A&cid=CAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 58F3
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds2IxQE0Q5Fwzby_chYMgFPpwytYHgmNbYmzvHOcYwQafkijQM5usb-bq4i3RbKmBBfFiJMchUZdldRxCsFjdzb8xW1SPmJcSrCzzIhSMRwBopK2YSm3kIGq89z-E-Gr190IgR8gEDZq7gGMP62oQpC_Tx0Q&cry=1&dbm_d=AKAmf-Av9Mj7sxmb4yVZcbid1w_cTWuCFqF0NK1pBKeWDoxfwCeT_h5v2J7q3AZQd-oW5MrMVvD3xN8bQe6R6ujpB2TrN-rgQLidCpGmYrxM7cYVj_xBPrZ7zoryxnEHRYjnsdW6cKZTUvIY80OyeZAGSd9RcT7TBEDz_ewtU809lb6Ak91wBP-xX0uDY1VVzLvnmINa17hp0lCDzuTqIy7pHs-GDuy6MZqiFwsAt9bATiZS8yooHrDtjBau5w1pdTlHikgMAPbEkw7xOneXYCbNfQlOydhvpI9Dt9SEl60FWwkI9WeZI2O1a8Wl9ZhZoWmp3uDLNRt7V18fT8QkshbTQSyOEcr0LiItyR5vRAMyGTotvSghhPBGYVpj5N9DeXZ7RLVLsxqDmMYG5qjccUsxQHrqYoLNjeyBr8rTCTt23oGTgnpsm3UeSj7aTJ0kHbkwcfoB1_VvQXo0KyApk4bg1jf82BCOHzjav5MHuX6dducJMygTjLpwp6JEUCxwxMhwM39K-gF8nKjdSPPBkSwwDPxN1abfFcO9C5UVo1MZFo2KTuXGe4LZya2ABdRGGiFlK0f_BxlEnskMDfXiFuGaOaLnbyNQ5xkThX3lCZWgB8QGV29LqHkJwxBRHNPfK1aLPSK0MujLye31PeWpcA1XPQsqd-o97Z9fT7Upfa0dDP-IbwN-GvkRQx51j60RDZOIciRIvF-G6fSkkBKI5R80FBbUIn9yg7OxYiJ4CVPk-DP1oLbl-0nhXknFVfvQ_GLhkihsZ88PUuWMbxOU5IxWcNxxp2xadAwiX2Zo0PD3vjcScf81halr1BC2ZIawAVRtsJTl8f824gDlsVG60gPOm1EGOWmPzfPTYru0DiZgg4XcnMLLlMPFdUrAmXkrBKS4BgiKs-KGlQfrARRQsG4YmCmO0tr1-hSRXWg1lo-UP30AxfHQLHiTiLEyftvu5DThoQoJMYuAmSNmamDFJuqi9ovo6wypOJwH26RqyzgV2XkGCikgOJl-Gzo8vx96mi40KFwkLorSY6pGTDTIBfYX8_j0j7T3k8fjZU-X8k8jQbDjpymGXF_Ap9VYExA1sBln_jUOn7IAjoQOW7uh02gzIzAbTMTqJsXPd6s5xz6V64epE5pK4d0tFVVeaDQSTYdPCld43_AzfjaCJM2u9tPEfcjFga9TFn_KQTNKH15o5NgiXFcNvPmEf-WgmPE1-flrzagKIsoall7Fkf8qgNw6G-0ZQGFJuhPm5Bz_uHRd2uNFOahfe4oNhREZRlPiAQX43Nx2iNboSsqyB5FQT3RoeonxV1Osf2g2h1K3Nelfc_UwGCJfJ-2CAtLrnSImqEeFpFA-EHS_eNp3ME8RHdkCBT6rbePkj4ksyiwdS7O8tEVYu1XM0xtEdfojHmK5WDvjN-1Nod--fCqHHXqgrOdaRhbmaiJNpzVKM9DIjf-avftPlraMBR7ORTDDkYFwXgg250-FX4SMcMjSgzumZpAYz7Rb5h3rhiCZodVOqQHmg4u4wuGBgDoaKoJQ8A8bsAU6oSB0j6StR1qK4R9tDTJYFC86y7nz90cO1RJIfyP2oZxrB1hOAPMnjZHtR4LAdomZzr7HJr1uI6Qe39O9q6Hziu3Q8YSgRzR7HVRF0KHsCvKMf3EL7kvgGMRAkJ6mxNR70-Nn2493-2_zuCyXAep0UEz3E0iPV5MEMMg7oSFEu1mj2Om8iIUPIOFzshwN2uXWggkqmTfh7TNSsCnLJSEXBvbri5psIazBfMG304_xuwHmf4sE9zTExS4ndnmmMZsyivKaH8NfjJIl456qonBWRdXs3OJUn8MM5cwpYvnbSeUu_aR6hN1Jv4IaIhP8MtwNBW5jwhrQlRjeV4Z4PvPZk71mFgyBQieecllFm1s1hh4ggF5hSb9UUN7fC6zMJpbNHPeREn9TM6VDvQNSmCA6nSI_QLQ8GcsB7CHsTnmSAHa98-bLfAFWtSw1wi4_c4jfUVKpatmAoBzGTldtLsjBjLOpznq4K6Rb93ZerzBRqTkaw1KOTh5MCyfbBJj-0T44WC8cAydzzqX2GQ-scrlybkZDc7pq2Vv2Yg9xhbl28rybO37qhrcRSD5HgnW3NHb9qi0c7CVGZ1nwApkkKXHXFItgiAHXoIRh1VXJvFysdhzYjY4sAAfbTeRkFTk8tzJL-liKDCafbPQtH47ukSjes1cFfhW7t21HfnY01v9j6i7PqwhercAl-gcSyPCge4UGMXRyzMOEkOnhQv3o36rO2cZLleLdeJZSo2fAxetGUA_zIaehxG62vwBKC9EuicS1SMymdts7zU-nPrRLW8ZPnM_gDbfEChueUODtuKg_IJasgbihzFQvyxq43pEll6ENM77huIswrfJWpVoLV_H7cF4LRUFBh2-DzG3Db3GuPnH4pB-UzYMhQ37kQhovYqT2jphLx6_Ns1agU79VETJICPfHP9XoLcGY3fO7Tw4mr3yxNuW6MxykT-PnhjPbo3BzdsJBDJHaOQsuNfMARWKkRxCWq0aju_i6jwMAVUkGjvuh14PzTYnnblbGKsZTdewlx1oIyV9bOjZvWcJrWgeypOGaLZcvMmGH7vi5JkTo1Zi7pH2aKNZeq7XE8gVxgMSogpwqFzEGHDVq_lJrtvbzBf6uSRPYYsgCo1Q_os9w3Yu8FbHXVL5opiOgXYcBODMvPZNDe2tm5ARBsgLpnwCz4w26y1WCRlqO7lhQLNjEp-_jzY0VeFYbkF7p9Qza3vdnqHchx8C43fMRAUrSPyMJnooje_fqYkOTgWAlHPgsZLHMxHCWx__dwThAcUMrdP4WdeYVcY32n9oCRZ0RAb55URFWG34YZsaxWrmmtW4NZ-dWBJ7l1gtkConoPMpypYDC82OBR1ORn0Njpu6e1s9qdjdeHlMHva1GJ5KPCmhjjmUhMHQ7yQUTA3oHUdBV0-1D_beCXEtaEuAxiabpbwWgc8vY-ndSaOZJSCaNyW613GlJcjNX_v6UZvEMaMNSwgzGIR17YiXjv_GCjGzftqFcsX8xfZBAhX7OGUyNPFA5d1gt60ik1Z7_yfv91gnuQAbbKcKYE9nVy51OmfUq8JNgy9UyCpjFfqqHsHhWClFK98n6Qssqky96X5qnhfVJIgsPrkiNUe1-1Ke3CpGD6PIiWw1FGN0aHvJZ8fj4usUNf3aLE7JD0_5mdpg0uMyB0DW2XbonDrFsliPT3aEIYokTkvHlNHNhQYPrzZ4tVyqBAED7mCQxOFozdASqrKxf7MNB2iQC9jTZ7XpA-sQteB2btGJe9awhXSCCqqQYV4hS0P0cWwgJA8A&cid=CAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame A183
358 KB
121 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C646
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkhKkDsgtYuXmLoHEx_APotaj0AIAAAAAOAHgBAI&bg=!ammlaS3NAAb7UztL-1M7ACkAdvg8WtZzcgFnn_vTsunEYJQ4kDXRX2tTnQYlF8j842STYFFQM_mgsQIAAAFfUgAAAAZoAQcKALsYKvxI3Ac29vBpP2GEbNyJ_vq8zC-SWXcUxoefl3EGkcshFG9rW-ouLXF4xqXa1OkrGKqvkNQwwzsJG4PBgW4dblmVDmgWbJGbZtJ7OIkSAJUnGOFOzCn6fRHgAyf0TSY4MEKJCd8Lpa460-sMsBRn1feS9MrMBCSoeuVHtfjuYQK8x2utiCu_BOUfBOqqW30nbETv2FY82FHyYVUy_mi6Om0f5J77XS2PmLY8r-9bYq0WF2Wz6TfX3Y_MmQLR2dEdfVQSWepf-Db3NsD3hBRdzs6ez4baHoYmW4Aip5UNKdUO0EUd8nyIM7gULhTPTmOIwCoJ9LAC_GpgadSbtgHB4407ZHxVNlUUQdmhvvcxQ7CvlOmxLb9Yx36ikazEBxb9SdDCk8KjXLWlVwHpoWs1sLQA8fbZt0-1GsPUH-2KgzXGjMO-5w6ToqUYMYLaUZz6m4nigMcKezGjoqJAMWawJpZygqsEswFlWm-j-BvmL9Cm5QAktL3IJOb2l7cB0nKVEIPwzw0qsZMgTjUyW935SH9XAn14zCQkQL44si52eWfjH6AT4A3NcPKU4kRV3HQzRTCZTr02lp8r1weFzZR0A8P01yePCAFx0mRk5FVbpX7l3BCwatWCRUbcmbC-dJt-AQj47mpHyf8AqrxkNwm1itJ4M8sE6SB0XivQbqwJtvN7rZlWDcNVsI_WWYv4cIyDhm3g91Rd3yCeEJQATCyTQOMjqW1T3-2vqAouHwiRtlnOUc2fngHJndnC2OxLRSVBrrcNaCRrd11mizuZVW9ph7ghbfliSqH4fSjvbXvgEDtv_d-qHtwQWv5cHnFhQh9r3XbKgFUC5lrvoREeYcFZz1t4-oXeum8z-owoKESCriZX1EVQYTztKTlQ1dObGPmazC8cJpGtlXu6IdG_3AWr0CSIgHZ1cmf6kDgnonR7t2by5LGnRYH2NNc6gP84zbzvJ8vViyTL0z6OFm981DBCPAR6eh0de9cZHMmS4rd1x-xcT4CBkj-J7fKzd6cjrTtEf1ZuxZF89XS98HZ0gFXXiS2QLNJqmEgJgXd0J1Rfft_ke2jYxCAr30lh-uL6v4YxSNU7oW9VC-Wg4E9Vn7ofMzlWK8Za5PnO2rg8hgcK376cWELQ2BqdiDij6K4teddWol4Xi6J5F5OIy8FfNE8QU_ZN8IDTFG3vkv5dSc2ZT3f9cPyRAHDfu3JmfmWHzA
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame AF83
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c706dae9926641af2e18a59361fb06195084976f0dbbafc0214adc8ccdfcd2

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6eb41a0258079b86-FRA
date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xO5bqPRm66C0NKkDuqtoyRNvUFEl4UDJWoyVE8Apgc%2BSkKM8CO78vofnkJDpxk%2FaJ4MSrtNflyTqh5SkwQ9GGTfckNtU3ByAwgbrLdOOdv7wi%2BXOlhS58ybJr3%2F5tjqpmKZU1Xs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-bjhb
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-bjhb
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k276%2FrRKQBA9mNCd3yFrg6GOMxNPsc04mc0hWkYrX%2FN1T7YzHCM9gBnx7qTblL2%2BIwESlNfpLNYvr4tA6%2FnLibUgBfKBQjTADAEp7IdKe%2BqiBTG3BDMgfvPoF7KQ%2BrMaGJdF5xw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6eb41a021f8f9b86-FRA
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame 58F3
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
aef780d4bc2115d3b8eb19d469e750879ca2a97bd4f921753d14b0c73352cb9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3961
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D274
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame A183
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A183
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A183
19 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=301711144975138&correlator=3688913406980031&eid=31064905%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=113378651&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie=ID%3D6bf49801c8b0f0f7%3AT%3D1647167501%3AS%3DALNI_Ma-2pTd4Th25scBsEIeyhjqF7kSIg&abxe=1&dt=1647167503704&dlt=1647167503494&idt=194&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1148&adys=1298&ucis=81kj8eeye5r1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167504&ga_hid=1372197369&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
40e978ebe9f3ec208164c8b123cc96a0951060daf1182c0c4e230695c61f1f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10309
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A183
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cca36826c839c9b3779224cba3025ee800a077f7de6ce8edb7501cc3d1125447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10586
x-xss-protection
0
container.html
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1D60
6 KB
3 KB
Document
General
Full URL
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Mon, 13 Mar 2023 10:31:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 731A
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?lC5m1w
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
request.php
hal900028.redintelligence.net/ Frame 58F3
2 KB
1 KB
Script
General
Full URL
https://hal900028.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=7327bef5f3&subid=&uid=be6e8149e49ba227&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5507060125969&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
1d2d6cda758ae9f4f0d97d348293dfe0eaa3b36a3ddc8467f0ec99ebea7a57ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
97124400064943500710612011897028
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
861
Expires
Sun, 13 Mar 2022 10:31:43 +0100
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame D274
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A183
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
rar
as.ad4m.at/ad/ Frame 865A
7 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb978d5472963fc09d519246511b7b146dac5e9033348bb1feef925410d6c45
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6eb41a029eee92ad-FRA
content-encoding
br
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0ECA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9A69
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
946568e52dfc8128302488404fed54469e7f8a2de085f2617ad97c00402e41d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-182TfjvE1T+NYSW+2uGoMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:43 GMT
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-182TfjvE1T+NYSW+2uGoMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 865A
81 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
434505
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Tue, 08 Mar 2022 09:49:58 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6eb41a031fbd92ad-FRA
cf-bgj
minify
A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 865A
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306491
cf-polished
origFmt=png, origSize=26777
x-guploader-uploadid
ADPycdsY1S65O4yO-xAEHmQnzs3c8nG8CtPtPBAb9c5K3A5w6txpu4UFx0it-0DGkwAuCrQjm4_7ZfWcRyNi6vElJEi8QRATIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
last-modified
Tue, 07 Jul 2020 09:20:40 GMT
server
cloudflare
etag
"018a5f3736332bfa050998ec8f72beb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZiVOCulokVTqcWH0TUOa%2FYSI71vZbd2K%2BvwmnzenrrUa3NpkCvV9XipAKmUszfZARv7D8H0IxfQ%2BnvYHkSAhSEbAeOco2kqHpP2jqEh4D3xHwLNFboMJM9f%2BGaMOPDwE9Ze5smXBBsA8rPe"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594113640078278
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
26777
accept-ranges
bytes
cf-ray
6eb41a032f338fe3-FRA
cf-bgj
imgq:85,h2pri
CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 865A
382 KB
383 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
317640
cf-polished
origFmt=png, origSize=588465
x-guploader-uploadid
ADPycdun-knxGhAyI790DgV5XEnGTOPZxdrsjjYwaCrIMYb6HRdel_9hoYIBIBxXaSMNyTIjcWbo8ULaKYYYrv2ws1B-5mblUg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
391402
last-modified
Fri, 22 Oct 2021 09:31:50 GMT
server
cloudflare
etag
"6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZNIYM8cMZigNeh3apq6RwJQjYNMjXcUEOOtWfgrluMSZ77zhC2BEmqEn5QhQGYEdPsLgt4VfSNluVXn4k7uorIu2UzzqF4gkKIcKJshP%2FG7qS57DzTuAfQ7QJs%2F1KhMn9Y%2BTXev5LrbCoch"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634895110632642
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
588465
accept-ranges
bytes
cf-ray
6eb41a032f358fe3-FRA
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 865A
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATK...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Ne...
0
182 B
Image
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 13 Mar 2022 11:31:44 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EC0E_91EFC182:01BB_622DC80F_BF6F77A:F723
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 865A
18 KB
19 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
304851
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdt9BjFJB-STMuGP-36lUtp6nSK9mwiwj_7MJG-4itnlsrXpenpuAlQOa6-PkESwuB1KruuhpEHkniYK-rHLccllZpMV6A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udiBEbQ9vAEaAlTWEdnL093nXx2fWD79Z%2BPLAc8Vnmsmvq0krZZ%2FRGkc1aUft6n69gC7B8xOk44VDeYYYi5hoNcIiNP0S1lQjPjmVnpwA9x6a9IvsNuND4g73D3IyKPyIpYJxyU8Q0zvKVYq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6eb41a032f2c8fe3-FRA
cf-bgj
imgq:85,h2pri
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 865A
9 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303866
cf-polished
qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid
ADPycdvlWWNyZ0_yVnle0Rp18a4UBQCgcUnm2yGpQ26-8_4pdPziMnb89A2kFa5Nk83CYeNcEKEjCMmYI60tc1-GnE4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kww%2FoWR4atwokVbl8Dup55PwzhrYB1RVlos%2BUJ5iEES1p552t%2BKPinDdLbLY3y8J2T3WoHJOeCG62nBNB93xzK5tIhlAwFq7HijOAWKoN4ea2hPOYBRJVxgJipwLcQm%2FAFOAmvV85V0homPf"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1638198195167024
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
83479
accept-ranges
bytes
cf-ray
6eb41a032f288fe3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 865A
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneideYET3fVfxBVcjHZHet1teW3swSQT81s7Ewoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 865A
38 KB
38 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
308694
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdtQB0ZlO6faz5D0Hr1U_IJAXNzEPmLG9ByOrKjn0IdvbQjoRv7aym0wOPPY8wuH3qcWMenl-3meUbTlu3fV8GPke87R_w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JY38jK%2FnDRJVXC%2BrIgSeIGxDYcgoc8faDxFhN5meiIV3%2FZtClcToyP8a3kkwFCtWU20C%2BR%2BqRSG4aaVZxQVE9DR1qcM8dhS9afHq%2FymK0et9rdi6bEXfsX3EAXNf3FBmoJluEpr5Qcpo9ih"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6eb41a032f2e8fe3-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 865A
84 KB
84 KB
Image
General
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1393380
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdu4nh5obCsLLSKtVW321FZH20V_oHseo8WCszOV5QRZyn8AI_p2Ga8U-RQdTMLH3UX-cvFr--pvECd8J4wOD0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znWWUYnX63EbkW2A0y27%2F8eACYDY0%2FlJHNtha4d6wL%2BYi7HoEs9FVUuHhbw9XdwkaJCARn38NNvN6u0AhU%2F55Wwq0pi%2BuewpAK8JORJYdZXTlE1GR9yJGC61MBLDCr5HZU%2BVMUwMWtJFY2pz"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6eb41a032f318fe3-FRA
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 8D18
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
0
159 B
Document
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=7327bef5f3&subid=&uid=be6e8149e49ba227&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5507060125969&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 13 Mar 2022 11:31:43 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 13 Mar 2022 10:31:42 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CF5:7DE1
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
request_content.php
hal900028.redintelligence.net/ Frame F59D
7 KB
2 KB
Document
General
Full URL
https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=7327bef5f3&subid=&uid=be6e8149e49ba227&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5507060125969&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
350bebaeb7e2ae8396b259b6b7c98a92d0748299c5b06fb97b5d3a7b69429115

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 13 Mar 2022 10:31:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2160
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 58F3
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B
Image
General
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:37:18 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EC90_91EFC182:01BB_622DC80F_BFAF4EA:F725
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 58F3
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=97124400064943500710612011897028&pv=1
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 58F3
43 B
705 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=97124400064943500710612011897028&pv=1
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C50
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 81CB
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c6738b987d7226be8dd8628a78a7b8d0de03d1b3883146c547bbf8659df820d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LG28tQnS+fCu4ukKLYF74w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:43 GMT
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LG28tQnS+fCu4ukKLYF74w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E6CF
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 12 Mar 2022 13:26:12 GMT
expires
Sun, 13 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
75931
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 58F3
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35a325444a0bc4175c8ce57a68c40668f032fdda466aeaa609a23193d6eb43fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
link.html
track.webgains.com/ Frame 865A
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jqh2b4ayve293t234crd90gm8qy33gennsk4asz8axm7sesk08gvz3m2p7wkr6pjfxjbas8q72met2phbaeyhmf6wdfkfcteq4jhwax0xxf3z6187ryc2e04a5qn133vsqk6ga0qk7rgx226gt8b1jahxh777y6dchwr6qywhqbgdfpyv84cr20qxgs3j9w4wpxy49dg5zrpkpq320wjy8eqwvacqtrh26qn236fsdr93dgrr8efj54pw0g9764w0gcfb7qbjq154k99rg0w168p0yrtc0q3nc0a7gevry1wfb60hq0%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
70d75afdf2c4ec977f52f0977d52e4137863e37c88ed4cc45a2a40b038abd8e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1470
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame F59D
1 KB
419 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 09:01:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 10:31:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 10:31:43 GMT
/
hal9000.redintelligence.net/scale/ Frame F59D
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7bbf02d07a9047481f569d2705cd1a395da1c314f0b19cc96558ba97c132b6ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16247
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame F59D
17 KB
17 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
268314ab319caf7c48f031375ae04f67c9e5bb1bb633072694628fb0ea2591b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
imgawinbanner_120x60_122019-1578486349125.jpg
a1.awin1.com/ads/awin/18692/ Frame F59D
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=97124400064943500710612011897028&pv=0
  • https://ui2.awin.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
  • https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
25 KB
25 KB
Image
General
Full URL
https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
H2
Server
151.101.2.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
fad88df6f78eca6556822fb4a8d589ac6b8e89a95434f05cc13a452d2f63b6ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
via
1.1 varnish, 1.1 varnish
server
Apache
age
24574
x-cache
HIT, HIT
content-type
image/jpeg
expires
Sun, 13 Mar 2022 15:42:09 GMT
cache-control
max-age=43200
x-cache-hits
1, 716
accept-ranges
bytes
x-timer
S1647167504.169839,VS0,VE0
content-length
25150
x-served-by
cache-fra19156-FRA, cache-hhn4028-HHN

Redirect headers

location
https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
date
Sun, 13 Mar 2022 10:31:44 GMT
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6060
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1JtSeHixqbfIAxLePm4NmjOMeftkXB3bjBBg2G8ncTYTo0sHZHGRFd8DUssbc2a6A5nUIc3Z2FQ-PvwiNE7iOiAF_eCp77yHYVpbHoe84cYXeR3gg1Q&sai=AMfl-YQnSTKPXfVSYPLjaI3bdXKGWPTPdBdop_4bjT9wrYHX3_oy5TFx0eUKkqu74-hcYaWqxS2cQTSNzfJ3JpQATp-iTGfKFKa8X9_YcD0VEKAXUVONmpvpBift8VkJLbWu&sig=Cg0ArKJSzLiq0jvf2VbuEAE&cid=CAASKORoNhxoX9gw_hbV2p5sSrW7-pjyQw0I2oLFvag0mgmKm7jltgmUJIM&id=lidar2&mcvt=1010&p=5071,294,5121,614&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4203880072&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647167502546&rpt=377&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E6CF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1&google_push=AYg5qPI0Q70rhQH60aASjrNAUtcwXI7eRh2RbC5sAIi1lE8RIjlZzqxx1RCCssg8MhzFjGlhB4Z86yV-cLDnZa6jwFmsgwcfF39E
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwOTU5NTQ1MjUzNDY4NTQxNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame E6CF
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGDWg58LHjmB3HANPRShags&google_cver=1&google_push=AYg5qPJ0-u-pl9MK7_1i7oI1aGrjdfwNaumCMzX-Hbix4x_kNgiTqlrUe_I1OPxRRXm_Iae_zVhOyQzr3G0otTovx_gRDDvDw3Kw
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEC4UCH2S3L3HTvue98ltUjQ&google_cver=1&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5C964958223F48A89FFC7F9C8931A585&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5C964958223F48A89FFC7F9C8931A585&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5C964958223F48A89FFC7F9C8931A585&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 12 Mar 2022 10:31:44 GMT
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECQxMWCyA5RaR4Bs2FVgoKI&google_cver=1&google_push=AYg5qPLI3xkEzT1-e1ZrjSvb7vLe7ZzG4_RkiOT9XVRZanQQ5ccohWzzT4F58fwq8bAQOUS_zx7...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECQxMWCyA5RaR4Bs2FVgoKI&google_cver=1&google_push=AYg5qPLI3xkEzT1-e1ZrjSvb7vLe7ZzG4_RkiOT9XVRZanQQ5ccohWzzT4F58fwq8bAQOUS_zx7...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=FOYGkJR8TMmtK8elTk_IuA&gdpr=1&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=FOYGkJR8TMmtK8elTk_IuA&gdpr=1&gdpr_consent=
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=FOYGkJR8TMmtK8elTk_IuA&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMirBMp3YVTJUaF1jkTGKs&google_cver=1&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXq...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2ShuyzY3TBa_U9EZ7-W6Fw2&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2ShuyzY3TBa_U9EZ7-W6Fw2&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Mar 2022 10:31:44 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2ShuyzY3TBa_U9EZ7-W6Fw2&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp
x-host
tde-deliveryengine-production-6b8798558c-tbd2p
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLP...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLOAjBwUCF-bUnAiKAnsHo
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLOAjBwUCF-bUnAiKAnsHo
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-4ba235ce-d577-4322-bac4-4afb85905177-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK5dXiYfFKy_FSSjCbkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&google_hm=A0uiNc7Vd0MiusRK-4WQUXc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&google_hm=A0uiNc7Vd0MiusRK-4WQUXc
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&google_hm=A0uiNc7Vd0MiusRK-4WQUXc
date
Sun, 13 Mar 2022 10:31:44 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4ba235ced5774322bac44afb85905177003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame E6CF
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqcZQo7YzTMwkd5pS5Md_Tn-VLA4tr7Iczonb6uwcsRcGa60g7Exp9enh-Tya9JcFjGPZb
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 9A69
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=4210770730355657&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 0ECA
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 81CB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=301711144975138&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 2C50
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
viewability
hal900028.redintelligence.net/ Frame F59D
0
150 B
Script
General
Full URL
https://hal900028.redintelligence.net/viewability?s=97124400064943500710612011897028&a=efa0c76c&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame D274
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3XylD8gtYrn3HrSJx_APoYOM6A0AAAAAOAHgBAI&bg=!Hh2lHVnNAAb7UztL-1M7ACkAdvg8WmUJUMXGD8qehxUbqa_yrfcsxG0cW9uODSEnI5vN2P6CxkE_0AIAAADCUgAAAAFoAQeZAyZjmvXcp9SaCFhEeWzHHSjN_nmTvs7LkosR158do4HnJsUpAb-fAzdT1RN-06Z8W4DK4pcwA1RKTLcp_O2pp0zzJr0v4-IGfykIWUWL7A_U17VssQOXRcXpJXKpZHQQEbBKMn2TGF-fbveqexQc7VaD11jN6HUL27nwKf8DJfoi4WVxNBLlFzcgc7KVDsxU9iajbCc5j3K06x4kNvxheMD0f-pHOQVcEXvh8YTrH3FgeVsJQf2clBhQA6rsaR6WG_nyOCN_bH4tpkrNYDUExzjAUZ-YOd6xkCAJX3UcABHwJw48pRvvXwSwqp8Z5jLFg1_lO5wK7aoBnuOfPMlapaag80HZzS_Fj-GOWYK69nlnalHKHSokFwROyvk9D3JChvsrA4nLM8VXceB7ST539UsN2q2qpgjRXkCub86ZvSVcNjYZFuY_D2P0DAbzEWT_VMXSjt7qzgq6VPv3J3hPtq3yt-61mQDAHLWcN890cGT3uxTKMNtktAAUu_qfY10823js2JJiCNGMAtjPOYdHlacereohKcmhCzL0NJD00i1L1OpUqhCABsZPZMFPp989G--MEshdWV5uovtxZ2H75C_jxDdddNTyJ49pqV1ZTfkVSxBUsRJIme65UjuUDPt6a6jabGb9Lk-rK3U8-pCY6NEpoF07Dx_2n3Azm-lEEoEGV85dZF_CRF6fR10Ao-8oocJKqALNc85WotVeiKjRGLJjUoBYcMgtzkSLT26Vs2nVll1Fy7GWMKZvg9luRYULBsf3kMfAXhdutLUIUWGoQST-kdUPvZ19ngaLN4l7Ysubjhk0jNM5MJAiL1713cC4tsbgmD-ch82M7Opha6rBfmwTheyIjHTI47JVG4Q8aHLhZD5fjfgBnKMsQ0RsFWlENT7JYWS5IR3p7Fe3bqlDc4mdmC0MMSQx1tnhjQXmGLGGAQNNTrW_iMfXaofGrvoCuDvJBdYyX5BL8AUBRePf4zMLqRnXxzy73zNMCzFBltBCDvCQOZk7F-26PK3TRpCEkAyulU7iD3NAD055VWkFkaIZ8-Bu1-gfwing2ep3NY8qSTv9F8HTgg
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 865A
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jqh2b4ayve293t234crd90gm8qy33gennsk4asz8axm7sesk08gvz3m2p7wkr6pjfxjbas8q72met2phbaeyhmf6wdfkfcteq4jhwax0xxf3z6187ryc2e04a5qn133vsqk6ga0qk7rgx226gt8b1jahxh777y6dchwr6qywhqbgdfpyv84cr20qxgs3j9w4wpxy49dg5zrpkpq320wjy8eqwvacqtrh26qn236fsdr93dgrr8efj54pw0g9764w0gcfb7qbjq154k99rg0w168p0yrtc0q3nc0a7gevry1wfb60hq0%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-214-118.arn56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 a626e6748fd7659cdc58de81924341d6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
20320
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 13 Mar 2022 04:53:05 GMT
x-amz-cf-pop
ARN56-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
5vOHRXylWV_mosFakI_bxhSlGnND1xSdubO_IPk0jdX8De5FPT7rLQ==
link.html
track.webgains.com/ Frame 865A
85 KB
85 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidzgQBTRfYfbqxteCBHMtqtzX4sVSZtg31UWoneid__asuidg5ujv9j95YxcDRLtXR0FJ2e45SrEw0-gasuid__adalliance_mobile_advancedad_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:44 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2C50
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1RHBWA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0ECA
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Y5yhwA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
h.clarity.ms/
0
48 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
container.html
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F911
6 KB
3 KB
Document
General
Full URL
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Mon, 13 Mar 2023 10:31:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/b8f16d313ac836832299f4e9bcc5aa59:455d5111cd98628349af90cd2c71f46095c6853c943a6f365b140e3f8da6037298b414c4db1090666d2403e5cabde609462b437d0e978572c25c3bdcb295ca3a6d12f6995158109... Frame
0
0
Preflight
General
Full URL
https://api.purpleads.io/x/a/b8f16d313ac836832299f4e9bcc5aa59:455d5111cd98628349af90cd2c71f46095c6853c943a6f365b140e3f8da6037298b414c4db1090666d2403e5cabde609462b437d0e978572c25c3bdcb295ca3a6d12f6995158109a463cd849c5d6d14d8e11561cc2539782adb71f0a705086481eef2cbb720a7db6d12ae878a064634de0b8f6b00a39e37456a0fa99571164f67c3db6e209e4f53dea98235661ad37d0/i?id=a60ad3fa-d590-4016-b206-987d15c4a058&ts=1647167504192
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
f6d4fd50-966e-48d5-a291-97961b401e12
i
api.purpleads.io/x/a/b8f16d313ac836832299f4e9bcc5aa59:455d5111cd98628349af90cd2c71f46095c6853c943a6f365b140e3f8da6037298b414c4db1090666d2403e5cabde609462b437d0e978572c25c3bdcb295ca3a6d12f6995158109...
0
199 B
Fetch
General
Full URL
https://api.purpleads.io/x/a/b8f16d313ac836832299f4e9bcc5aa59:455d5111cd98628349af90cd2c71f46095c6853c943a6f365b140e3f8da6037298b414c4db1090666d2403e5cabde609462b437d0e978572c25c3bdcb295ca3a6d12f6995158109a463cd849c5d6d14d8e11561cc2539782adb71f0a705086481eef2cbb720a7db6d12ae878a064634de0b8f6b00a39e37456a0fa99571164f67c3db6e209e4f53dea98235661ad37d0/i?id=a60ad3fa-d590-4016-b206-987d15c4a058&ts=1647167504192
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:44 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
5b0ee593-a590-4d6c-88dc-f872beb1e9f6
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7074
499 B
334 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:44 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F911
27 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AG2AEdaibkkRuGl2fEmWNgwYNvg_LYnEMnKAHzvgDwdkuI8wQxNY0q6sh09hsGSEjsLTCiIpqrJwYJaOHNOi0xIDX3-M9fxa8CA9mc7wqiGMP1qtP4lmanZfYt09ml045mc00_D86J9AzpNkobrkSkU0IXuA&cry=1&dbm_d=AKAmf-DIzhVbsv9gjChbuxQJfCJR47tu9rOZAi9Bhvcyp-PidtL-_XkpYKzF9LspX78rV5m6ve1WEg4EuNxQTfzLoimXdVbGJ_rEQxZgqEIJ3yuKbTr_VBnROJGg1E5cwf2M-0n9aPqRebflPwNmfOUlEj0Dd65NGogeG9pe5LNw2lhS76vVAjYqU3-DUEVmd8lIl1D2AOAzXvk9_A2WgMC4g811jRXyFIOEusvjPSUJ6968BfZbp0enqbDrsrISrFaMh5UCXUo_vLfDdnQSPCqQ1aefw2aswz2YabJWwxu8HSGi7Low95EoyOyj0Ad8_-FaJCxdMgliUViWtDOTyjDOT9lOxoDYmRAnuuWRoBmTZ7hVIom06ACg0mqm_U5D7fCXSePi30UKMfTP3kSTKytJ4Jw8Sn44UbNm1fepToEZI4icePk1s87jaCClE4--Hn14kelaNLmvzgrp7GzSw829-aKzKfl7Ugd-zokeuPSTXTb1y38mSjHdebes4MRkcrCnZZqM6qhKzRSHde6QNGDuhe8TUz4aOJPTXLn36i9qKivu_SkXwVFow0oQUG2Fmg6X0WuAErevJy2QQhG66Ke_5MBe7FFRO0BHurOXHaTO4blffAeH06z29BsdhaZagl8xhjzMc52pgz20fmPZMY8IjP89JrhnvwU1Nfb9PjgfDdRN5gUax7lUdKg-9S1ZF170E81HxrNabVdsw8xzh9bxSfMJmxhaLkw32ASjxzvo8O--Jb_rXrTztLu9K_FcR1E1iSOuisqq5eLCuyHrHvHbtLD6n61FMxv13m1R3IXrfJWxKLT-9AnxebDxX4etH5qVIqzkWLaGIq2KqdMrfG0KB4cpQLwy39p8FxY_hqb5VeP06Q8ijuHelZh_KM1KS1R9jtKujZDaXWUd1gbDPYohyG2ej1BtDOPMFKhNTh6dErpoMPsiAdQTZPq3q1R4-T2RscWWdNWunQAbI5FFcckRJdHeVFbnF4s_ByeXPx0LeZgrijqUIfrA_If5NueLg-Mr_zu3p3XD6hdxOVtZpWBbuLu9lTXtKwbqziA3qAiKCysgECY4oT2XUTqQVqNNsPRT-Kg7L1mNawD39G3eGRb6LGh2MIL6oS82En9k6pjcg-NVbDFGAiWXjQJAn6TzvAMXx4jOwJ8q2aYQc_TqM1RRlCghsQDhX7yf4dZBq1uDwPTQKQThOdjd2ioGEQd-7pewYBSyLq0Rwtz5Xy839c2NK41QSLLEq5IX7NG4wJLQ59d2sa4FpxU6v2XhLw012mweb_rBw9k4UbN8UIUEoiV1wO0w7XuNmFkzYqXb-MvvOTNEP96Ciu9DvY7RAnRksZERf9wekTlHzfEpGf4ENlxaq11ndQrJZu7c7K-ca0jlYZ3tJOPff1Dzr1J-cbJTwtDalpGgI8Lama9AlL8vXcJ3Nh3fnzYEcf9Kkgi3t1QDYgdcPTrrrjTZlktIdL43Xb3YUZcERRUx3lbkhX3HTrPaIxmhqcc3g6Hez2QC_vZ9ncIEUnX751hVjvoDtWR-3mHJxoZJQz9IMCHE70He2NJLWTta5cadAJhVbeoaa7K2S7nQiDCUN3szQduU_6ppKKi5KhGNTlnFwnptev_X2ksoJR7zuuwwWluIFAD5J3Ct77wSwjSb7xPbFt-vm1jMme1rcsGRvbAmTjnQMAO2RN-ZViaVNnLUIclR_Mr2N7QjDX7kpzTrsBYveOfeFjlemIgQg6NDmYKdWWz7G42aIUxY-vR7Fho0YvwcjyNR2oU_NCNxWxwVOsTQX1qXxAKbkdIeKf6kWwgRoPobhoh6MxCYNeBPBSali92NzLxpQD4PvV-S2hAAeV70C-eh_Vu5l9_5qN5bSAEjCJcO6ATB0ovXbbZTZIcuR7BDeH8OLny_CO5yVDMYUwBwXep9tYswE4IHE3bogIn6rB-nCDfR-Rz5qxQ5tb5L5KbCA_8LtwN6vqo83r_0lOl5tJL5n7vym9S4csDklhyWWvGAHrU19zjRfPtBsY7o_N1i9jXGLIenDMP5vXyj5HWJoTvatPNPGJ1hWju0AaJ540WI9nZp9Rvmk9B8nyQbjCkH5r92j9UCMLt90abP3mvlLaT4zZVq6NiyW5dC4JtBRRm6B3_4K8UiyNq29QoqulHVRcUlZ3-jQwQfcHRCpgcx65I-M19Jc9ivobl7hjcjbZV6pgEJXdhgFaf9si4OapN9iHYu1Z4HAAr7lnhPgS7VnRl3NdHVtigdnbWsx2XBTy2_tZtsGyseZscPREonobl8LMwBlBzKb3CSSdkQ2LCHY17AcmyUwARESxW4B0CPxqIBcAwhSu3KNLUfYpeatE5JlqkZ4GpaTwqi8qQ8SvyppjW2pLHspFvLPbU4U8OJMoOWfZCdcdecC6KUh_nSY7nmpIuPi5DM0Worz7-n_PYohm17TACMA0COulyBUG8sf3YZ4jMrp3o6J1U_nKvRAvGzCxdqgSsyKJzUUpi6z_hN5BIDtMhqwf-0U-pXR0mpopOmabtWVP3AsnM5ZuK_B_Jr2MBxgySym8Cb_WjXr-3yjbt-ptYlcb0HxZdrIHaHhvFcVwWxTtU9-aUuGoIhT5RiVYBpXY7djaL_H_IyFwYc91-Ab8rZ273LmMTRHWLK3MEhfmi3nDBlw0qGQFq7BgzB1piPcohz-3KmYwVxBiYxMo9w8cF7TWN1mFruKw4ePTUXRUYVLSqP4xBie9ksONsqSp8JhWpVHh8MCaKPNNogtZYVnfxTEzRbwVLWzBMHJuG9s4-KvhVP-23enESQMBd6veGxP-zWfNIrhA6-pKyGrCS-XmHMxlwZUo_sAaFQXZJ1aGtyl3l5XTq39FG7YQ6GvpylJV_1syjNmo3KIq6ou8WcbCHvi_wrS2W5hViBhalzAPuIgJXM3naJEklSFjap2Wykjs99fiONhrJLa-zW1z8koqTDGTK5goHqk4V1-szYV8rf9aHyjWq4tNsSJvyMGgiK5jAy8NAZjpbFyX_rTlpEqqP8BQ2_DyfJ9XzTHH1IbBnT4Ls-lkLoRheoq9OZXsMvBpouO4vmBkWzSw_0vp3OYW3CnKe0PsCi_pMN7eAcg_AYuuU8ULLd-uoibHG-0TEPaPp78rTcEe614AYQmKMjwYZqDx3GKH723ZtPUm6wxRx2MjSYX10_cDP-v0Dbn5ucgZZcqcjNYOXB6cW-W2MYqUG7-lcQyUfUgijaGdwi39LosyQAEjNuXXwojKxPC7Drc1TkU_00rctr5XXTkQNiT1f3-Sk6URvDfUwNl6Gm-HUpZSircttOxk_Zmg&cid=CAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4737c095b2fe07c3277576ec1875b043639cdf54d6527ede7109908abc6d299a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F911
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBh9ZwiN5v7X9Z8zAQz29wZcNFPZRBN3PzFWjLeww8aLgrRgULci05AT46XmCfJJifxPtpmhunlmb_iT1GpBA1OWVatuJBsyDwf_OqK3PSio1gaak
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F911
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F911
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F911
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
l
www.google.com/ads/measurement/ Frame F911
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMEFiWXqrm9SlosBuhR_Kdjf-WDdbdFp0e8kVfXqXTSe5iEXWsoVpySXCgPwO7KEdsRhYq6tK-946tXoyaTY68ObT81A
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame B2ED
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=2612437989791563&bg=!hYalhsLNAAb7UztL-1M7ACkAdvg8Wse1DHc4uo0teK8h-1mUm_LVLqgLslnY00hWzjq2zekebxUvgwIAAAC0UgAAAAJoAQeZAtYR-QVZ2Uv5kMFYJClE-0lSbd0CnOTbwzeCiMPjSQeOOoJfkXpd6LP0_iEg0vZn8-CPyoA7CEyPoRjPQWNv5UNmGyfuDBoeOYC7WUGrPm_iyldAscmaqNMZ__Rap7Ue8czi-9r56xoqlyoQEqMyqzA9MeJz0RHodQcgimz7ncGl2F5eonHyfTo0izTpakpZ3-EGWCb0XMk-pK5wt5FzGAuTPm4l1WNyt7xbfndEaOUjQDB17HbKjYyPsr-Ebgzxl7jY9iPqUJkN9nLRryHON5SRB5TWY3Ldh6g1hgH-mLNQwIA2axmsXAleESCKAkiHmoReZ-Ue2PxPFmk8tNKLe5Y5ydMQEbh0AXAvy2CrfBwOdkZLQ_TPDKrZ1OxgMqmLRiqUR0n7xYn-Qik43wuSBtT5MrXIP8-UDvV7V4ALqsZnJvcyUYDXyHMh8O7hTAQqw0giITAVGeJbuoYFSdDObWGmadcRyngfu6whS39YK2fYQFci2rjFqcMXFgNbkhwTrPnzKvSSVnxJOkN53eRMqrrsRU_eIkj70xi_m0ViADQxn0gWn1Ce9ZAPXRyogqq-zkplGM9j5l-EHgmz8KUV7-tIXoJmEB4N-didh7O_9RxYt0PKu5TaGSr3lmo-48OSHQhjrv-Fk4koLHDPxOvN9kx99B4O0CUzS16Xw-tlzV-v00E0HDgSlqn9aC1K5CFYIGN4k-Lrm6EVm8vT-T728MRfUL1K8zjCxl5NO3MDTsxR9fQPkNBoXeRuFWLeWcUrvh4Ycf8xIlRcgAS3Kunn2N6NCYH3IbE1BLAMpURsbvIKGyWEjSfvceeaWlIVYf99XOrtIZLi2UUf7PLhPCGs6R2WHUljC7DlZ5NkYF7hazC7OY1_hc72mjKrq4wjBLg0N2yPWhKYbCnFYSKh0QbkOHNeRDeTdMtaqMx46zVA8nKvxcdqu40YniKDE6MNrzR5iQ83eek23Ow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 7074
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1&__user_check__=1&sync_id=c76841fd-a2b8-11ec-8af8-102ad03c0206
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1&__user_check__=1&sync_id=c76841fd-a2b8-11ec-8af8-102ad03c0206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
33
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1&__user_check__=1&sync_id=c76841fd-a2b8-11ec-8af8-102ad03c0206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
134
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7074
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Yzc2ODNiZjQtYTJiOC0xMWVjLWI5OWYtMTkyY2IxNmUwMjA2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Yzc2ODNiZjQtYTJiOC0xMWVjLWI5OWYtMTkyY2IxNmUwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Yzc2ODNiZjQtYTJiOC0xMWVjLWI5OWYtMTkyY2IxNmUwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 7074
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame F911
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AG2AEdaibkkRuGl2fEmWNgwYNvg_LYnEMnKAHzvgDwdkuI8wQxNY0q6sh09hsGSEjsLTCiIpqrJwYJaOHNOi0xIDX3-M9fxa8CA9mc7wqiGMP1qtP4lmanZfYt09ml045mc00_D86J9AzpNkobrkSkU0IXuA&cry=1&dbm_d=AKAmf-DIzhVbsv9gjChbuxQJfCJR47tu9rOZAi9Bhvcyp-PidtL-_XkpYKzF9LspX78rV5m6ve1WEg4EuNxQTfzLoimXdVbGJ_rEQxZgqEIJ3yuKbTr_VBnROJGg1E5cwf2M-0n9aPqRebflPwNmfOUlEj0Dd65NGogeG9pe5LNw2lhS76vVAjYqU3-DUEVmd8lIl1D2AOAzXvk9_A2WgMC4g811jRXyFIOEusvjPSUJ6968BfZbp0enqbDrsrISrFaMh5UCXUo_vLfDdnQSPCqQ1aefw2aswz2YabJWwxu8HSGi7Low95EoyOyj0Ad8_-FaJCxdMgliUViWtDOTyjDOT9lOxoDYmRAnuuWRoBmTZ7hVIom06ACg0mqm_U5D7fCXSePi30UKMfTP3kSTKytJ4Jw8Sn44UbNm1fepToEZI4icePk1s87jaCClE4--Hn14kelaNLmvzgrp7GzSw829-aKzKfl7Ugd-zokeuPSTXTb1y38mSjHdebes4MRkcrCnZZqM6qhKzRSHde6QNGDuhe8TUz4aOJPTXLn36i9qKivu_SkXwVFow0oQUG2Fmg6X0WuAErevJy2QQhG66Ke_5MBe7FFRO0BHurOXHaTO4blffAeH06z29BsdhaZagl8xhjzMc52pgz20fmPZMY8IjP89JrhnvwU1Nfb9PjgfDdRN5gUax7lUdKg-9S1ZF170E81HxrNabVdsw8xzh9bxSfMJmxhaLkw32ASjxzvo8O--Jb_rXrTztLu9K_FcR1E1iSOuisqq5eLCuyHrHvHbtLD6n61FMxv13m1R3IXrfJWxKLT-9AnxebDxX4etH5qVIqzkWLaGIq2KqdMrfG0KB4cpQLwy39p8FxY_hqb5VeP06Q8ijuHelZh_KM1KS1R9jtKujZDaXWUd1gbDPYohyG2ej1BtDOPMFKhNTh6dErpoMPsiAdQTZPq3q1R4-T2RscWWdNWunQAbI5FFcckRJdHeVFbnF4s_ByeXPx0LeZgrijqUIfrA_If5NueLg-Mr_zu3p3XD6hdxOVtZpWBbuLu9lTXtKwbqziA3qAiKCysgECY4oT2XUTqQVqNNsPRT-Kg7L1mNawD39G3eGRb6LGh2MIL6oS82En9k6pjcg-NVbDFGAiWXjQJAn6TzvAMXx4jOwJ8q2aYQc_TqM1RRlCghsQDhX7yf4dZBq1uDwPTQKQThOdjd2ioGEQd-7pewYBSyLq0Rwtz5Xy839c2NK41QSLLEq5IX7NG4wJLQ59d2sa4FpxU6v2XhLw012mweb_rBw9k4UbN8UIUEoiV1wO0w7XuNmFkzYqXb-MvvOTNEP96Ciu9DvY7RAnRksZERf9wekTlHzfEpGf4ENlxaq11ndQrJZu7c7K-ca0jlYZ3tJOPff1Dzr1J-cbJTwtDalpGgI8Lama9AlL8vXcJ3Nh3fnzYEcf9Kkgi3t1QDYgdcPTrrrjTZlktIdL43Xb3YUZcERRUx3lbkhX3HTrPaIxmhqcc3g6Hez2QC_vZ9ncIEUnX751hVjvoDtWR-3mHJxoZJQz9IMCHE70He2NJLWTta5cadAJhVbeoaa7K2S7nQiDCUN3szQduU_6ppKKi5KhGNTlnFwnptev_X2ksoJR7zuuwwWluIFAD5J3Ct77wSwjSb7xPbFt-vm1jMme1rcsGRvbAmTjnQMAO2RN-ZViaVNnLUIclR_Mr2N7QjDX7kpzTrsBYveOfeFjlemIgQg6NDmYKdWWz7G42aIUxY-vR7Fho0YvwcjyNR2oU_NCNxWxwVOsTQX1qXxAKbkdIeKf6kWwgRoPobhoh6MxCYNeBPBSali92NzLxpQD4PvV-S2hAAeV70C-eh_Vu5l9_5qN5bSAEjCJcO6ATB0ovXbbZTZIcuR7BDeH8OLny_CO5yVDMYUwBwXep9tYswE4IHE3bogIn6rB-nCDfR-Rz5qxQ5tb5L5KbCA_8LtwN6vqo83r_0lOl5tJL5n7vym9S4csDklhyWWvGAHrU19zjRfPtBsY7o_N1i9jXGLIenDMP5vXyj5HWJoTvatPNPGJ1hWju0AaJ540WI9nZp9Rvmk9B8nyQbjCkH5r92j9UCMLt90abP3mvlLaT4zZVq6NiyW5dC4JtBRRm6B3_4K8UiyNq29QoqulHVRcUlZ3-jQwQfcHRCpgcx65I-M19Jc9ivobl7hjcjbZV6pgEJXdhgFaf9si4OapN9iHYu1Z4HAAr7lnhPgS7VnRl3NdHVtigdnbWsx2XBTy2_tZtsGyseZscPREonobl8LMwBlBzKb3CSSdkQ2LCHY17AcmyUwARESxW4B0CPxqIBcAwhSu3KNLUfYpeatE5JlqkZ4GpaTwqi8qQ8SvyppjW2pLHspFvLPbU4U8OJMoOWfZCdcdecC6KUh_nSY7nmpIuPi5DM0Worz7-n_PYohm17TACMA0COulyBUG8sf3YZ4jMrp3o6J1U_nKvRAvGzCxdqgSsyKJzUUpi6z_hN5BIDtMhqwf-0U-pXR0mpopOmabtWVP3AsnM5ZuK_B_Jr2MBxgySym8Cb_WjXr-3yjbt-ptYlcb0HxZdrIHaHhvFcVwWxTtU9-aUuGoIhT5RiVYBpXY7djaL_H_IyFwYc91-Ab8rZ273LmMTRHWLK3MEhfmi3nDBlw0qGQFq7BgzB1piPcohz-3KmYwVxBiYxMo9w8cF7TWN1mFruKw4ePTUXRUYVLSqP4xBie9ksONsqSp8JhWpVHh8MCaKPNNogtZYVnfxTEzRbwVLWzBMHJuG9s4-KvhVP-23enESQMBd6veGxP-zWfNIrhA6-pKyGrCS-XmHMxlwZUo_sAaFQXZJ1aGtyl3l5XTq39FG7YQ6GvpylJV_1syjNmo3KIq6ou8WcbCHvi_wrS2W5hViBhalzAPuIgJXM3naJEklSFjap2Wykjs99fiONhrJLa-zW1z8koqTDGTK5goHqk4V1-szYV8rf9aHyjWq4tNsSJvyMGgiK5jAy8NAZjpbFyX_rTlpEqqP8BQ2_DyfJ9XzTHH1IbBnT4Ls-lkLoRheoq9OZXsMvBpouO4vmBkWzSw_0vp3OYW3CnKe0PsCi_pMN7eAcg_AYuuU8ULLd-uoibHG-0TEPaPp78rTcEe614AYQmKMjwYZqDx3GKH723ZtPUm6wxRx2MjSYX10_cDP-v0Dbn5ucgZZcqcjNYOXB6cW-W2MYqUG7-lcQyUfUgijaGdwi39LosyQAEjNuXXwojKxPC7Drc1TkU_00rctr5XXTkQNiT1f3-Sk6URvDfUwNl6Gm-HUpZSircttOxk_Zmg&cid=CAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F911
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AG2AEdaibkkRuGl2fEmWNgwYNvg_LYnEMnKAHzvgDwdkuI8wQxNY0q6sh09hsGSEjsLTCiIpqrJwYJaOHNOi0xIDX3-M9fxa8CA9mc7wqiGMP1qtP4lmanZfYt09ml045mc00_D86J9AzpNkobrkSkU0IXuA&cry=1&dbm_d=AKAmf-DIzhVbsv9gjChbuxQJfCJR47tu9rOZAi9Bhvcyp-PidtL-_XkpYKzF9LspX78rV5m6ve1WEg4EuNxQTfzLoimXdVbGJ_rEQxZgqEIJ3yuKbTr_VBnROJGg1E5cwf2M-0n9aPqRebflPwNmfOUlEj0Dd65NGogeG9pe5LNw2lhS76vVAjYqU3-DUEVmd8lIl1D2AOAzXvk9_A2WgMC4g811jRXyFIOEusvjPSUJ6968BfZbp0enqbDrsrISrFaMh5UCXUo_vLfDdnQSPCqQ1aefw2aswz2YabJWwxu8HSGi7Low95EoyOyj0Ad8_-FaJCxdMgliUViWtDOTyjDOT9lOxoDYmRAnuuWRoBmTZ7hVIom06ACg0mqm_U5D7fCXSePi30UKMfTP3kSTKytJ4Jw8Sn44UbNm1fepToEZI4icePk1s87jaCClE4--Hn14kelaNLmvzgrp7GzSw829-aKzKfl7Ugd-zokeuPSTXTb1y38mSjHdebes4MRkcrCnZZqM6qhKzRSHde6QNGDuhe8TUz4aOJPTXLn36i9qKivu_SkXwVFow0oQUG2Fmg6X0WuAErevJy2QQhG66Ke_5MBe7FFRO0BHurOXHaTO4blffAeH06z29BsdhaZagl8xhjzMc52pgz20fmPZMY8IjP89JrhnvwU1Nfb9PjgfDdRN5gUax7lUdKg-9S1ZF170E81HxrNabVdsw8xzh9bxSfMJmxhaLkw32ASjxzvo8O--Jb_rXrTztLu9K_FcR1E1iSOuisqq5eLCuyHrHvHbtLD6n61FMxv13m1R3IXrfJWxKLT-9AnxebDxX4etH5qVIqzkWLaGIq2KqdMrfG0KB4cpQLwy39p8FxY_hqb5VeP06Q8ijuHelZh_KM1KS1R9jtKujZDaXWUd1gbDPYohyG2ej1BtDOPMFKhNTh6dErpoMPsiAdQTZPq3q1R4-T2RscWWdNWunQAbI5FFcckRJdHeVFbnF4s_ByeXPx0LeZgrijqUIfrA_If5NueLg-Mr_zu3p3XD6hdxOVtZpWBbuLu9lTXtKwbqziA3qAiKCysgECY4oT2XUTqQVqNNsPRT-Kg7L1mNawD39G3eGRb6LGh2MIL6oS82En9k6pjcg-NVbDFGAiWXjQJAn6TzvAMXx4jOwJ8q2aYQc_TqM1RRlCghsQDhX7yf4dZBq1uDwPTQKQThOdjd2ioGEQd-7pewYBSyLq0Rwtz5Xy839c2NK41QSLLEq5IX7NG4wJLQ59d2sa4FpxU6v2XhLw012mweb_rBw9k4UbN8UIUEoiV1wO0w7XuNmFkzYqXb-MvvOTNEP96Ciu9DvY7RAnRksZERf9wekTlHzfEpGf4ENlxaq11ndQrJZu7c7K-ca0jlYZ3tJOPff1Dzr1J-cbJTwtDalpGgI8Lama9AlL8vXcJ3Nh3fnzYEcf9Kkgi3t1QDYgdcPTrrrjTZlktIdL43Xb3YUZcERRUx3lbkhX3HTrPaIxmhqcc3g6Hez2QC_vZ9ncIEUnX751hVjvoDtWR-3mHJxoZJQz9IMCHE70He2NJLWTta5cadAJhVbeoaa7K2S7nQiDCUN3szQduU_6ppKKi5KhGNTlnFwnptev_X2ksoJR7zuuwwWluIFAD5J3Ct77wSwjSb7xPbFt-vm1jMme1rcsGRvbAmTjnQMAO2RN-ZViaVNnLUIclR_Mr2N7QjDX7kpzTrsBYveOfeFjlemIgQg6NDmYKdWWz7G42aIUxY-vR7Fho0YvwcjyNR2oU_NCNxWxwVOsTQX1qXxAKbkdIeKf6kWwgRoPobhoh6MxCYNeBPBSali92NzLxpQD4PvV-S2hAAeV70C-eh_Vu5l9_5qN5bSAEjCJcO6ATB0ovXbbZTZIcuR7BDeH8OLny_CO5yVDMYUwBwXep9tYswE4IHE3bogIn6rB-nCDfR-Rz5qxQ5tb5L5KbCA_8LtwN6vqo83r_0lOl5tJL5n7vym9S4csDklhyWWvGAHrU19zjRfPtBsY7o_N1i9jXGLIenDMP5vXyj5HWJoTvatPNPGJ1hWju0AaJ540WI9nZp9Rvmk9B8nyQbjCkH5r92j9UCMLt90abP3mvlLaT4zZVq6NiyW5dC4JtBRRm6B3_4K8UiyNq29QoqulHVRcUlZ3-jQwQfcHRCpgcx65I-M19Jc9ivobl7hjcjbZV6pgEJXdhgFaf9si4OapN9iHYu1Z4HAAr7lnhPgS7VnRl3NdHVtigdnbWsx2XBTy2_tZtsGyseZscPREonobl8LMwBlBzKb3CSSdkQ2LCHY17AcmyUwARESxW4B0CPxqIBcAwhSu3KNLUfYpeatE5JlqkZ4GpaTwqi8qQ8SvyppjW2pLHspFvLPbU4U8OJMoOWfZCdcdecC6KUh_nSY7nmpIuPi5DM0Worz7-n_PYohm17TACMA0COulyBUG8sf3YZ4jMrp3o6J1U_nKvRAvGzCxdqgSsyKJzUUpi6z_hN5BIDtMhqwf-0U-pXR0mpopOmabtWVP3AsnM5ZuK_B_Jr2MBxgySym8Cb_WjXr-3yjbt-ptYlcb0HxZdrIHaHhvFcVwWxTtU9-aUuGoIhT5RiVYBpXY7djaL_H_IyFwYc91-Ab8rZ273LmMTRHWLK3MEhfmi3nDBlw0qGQFq7BgzB1piPcohz-3KmYwVxBiYxMo9w8cF7TWN1mFruKw4ePTUXRUYVLSqP4xBie9ksONsqSp8JhWpVHh8MCaKPNNogtZYVnfxTEzRbwVLWzBMHJuG9s4-KvhVP-23enESQMBd6veGxP-zWfNIrhA6-pKyGrCS-XmHMxlwZUo_sAaFQXZJ1aGtyl3l5XTq39FG7YQ6GvpylJV_1syjNmo3KIq6ou8WcbCHvi_wrS2W5hViBhalzAPuIgJXM3naJEklSFjap2Wykjs99fiONhrJLa-zW1z8koqTDGTK5goHqk4V1-szYV8rf9aHyjWq4tNsSJvyMGgiK5jAy8NAZjpbFyX_rTlpEqqP8BQ2_DyfJ9XzTHH1IbBnT4Ls-lkLoRheoq9OZXsMvBpouO4vmBkWzSw_0vp3OYW3CnKe0PsCi_pMN7eAcg_AYuuU8ULLd-uoibHG-0TEPaPp78rTcEe614AYQmKMjwYZqDx3GKH723ZtPUm6wxRx2MjSYX10_cDP-v0Dbn5ucgZZcqcjNYOXB6cW-W2MYqUG7-lcQyUfUgijaGdwi39LosyQAEjNuXXwojKxPC7Drc1TkU_00rctr5XXTkQNiT1f3-Sk6URvDfUwNl6Gm-HUpZSircttOxk_Zmg&cid=CAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B592
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lvu2p5tdtdf4
hal9000.redintelligence.net/zone/ Frame F911
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/lvu2p5tdtdf4?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
177c62e1e94a67cd07a9c7a8a29df3e09ee7b9b8c4e180a113f4b3f76b612c95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3962
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F7E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuV2E0H97v0YrmY88JWvGg9cUFOMdaMqVGtnJIX7Z3MbwSUmGa8cgAsj2CeisqrkVh0TT8suR9b5a0VNhhrtckPbw&sig=Cg0ArKJSzNzFHHoEQknaEAE&cid=CAASF-RonsdrW9VxOciYDDJdKEtjNj9vPM0Q&id=lidar2&mcvt=1001&p=939,1289,1189,1589&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2232668132&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647167503140&rpt=247&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal90008.redintelligence.net/ Frame F911
2 KB
1 KB
Script
General
Full URL
https://hal90008.redintelligence.net/request.php?zone=lvu2p5tdtdf4&nw=20&renderingType=javascript&namespace=89b3e3de41&subid=&uid=fb20115c621abee2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=2261923533642&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/lvu2p5tdtdf4?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b631526f714df2128b0710c305fb7a3b5aedd8c3cbff56e49e22a0e9391bdd71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
71852900055976100757591011897008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
863
Expires
Sun, 13 Mar 2022 10:31:44 +0100
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame B592
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
view.aspx
pb.media01.eu/ Frame 61E6
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=71852900055976100757591011897008&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
0
36 B
Document
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=lvu2p5tdtdf4&nw=20&renderingType=javascript&namespace=89b3e3de41&subid=&uid=fb20115c621abee2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=2261923533642&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 13 Mar 2022 11:31:44 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 13 Mar 2022 10:31:43 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EC90_91EFC182:01BB_622DC810_BFAF532:F725
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
request_content.php
hal90008.redintelligence.net/ Frame 61F1
7 KB
2 KB
Document
General
Full URL
https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=lvu2p5tdtdf4&nw=20&renderingType=javascript&namespace=89b3e3de41&subid=&uid=fb20115c621abee2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=2261923533642&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ecb2c263569e4a90ff051652e6dd3dcd148a591ff1b8412ae692414d547b0241

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 13 Mar 2022 10:31:44 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2051
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame F911
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=71852900055976100757591011897008
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B
Image
General
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:37:19 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC810_C2C2DB2:7DE1
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame F911
43 B
703 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=71852900055976100757591011897008&pv=1
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame F911
43 B
703 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=71852900055976100757591011897008&pv=1
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1DB5
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 12 Mar 2022 13:26:12 GMT
expires
Sun, 13 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
75932
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F911
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e616c353ac56bd9b110e8454e004ace19e8af57048bc40beca45b7d9abb55d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame B592
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be_B0EMgtYsH6EfuC9u8Pn6m4-AwAAAAAOAHgBAI&bg=!ZGelZyPNAAb7UztL-1M7ACkAdvg8WiPbw1YJoh1Kob_AoA4MpZpzz_b_DUUKYv_QQtPaC3qLdh4DWwIAAABjUgAAAAJoAQeZAxjtfw-vL97ZKePNtY7J6qnL_gGc1ICRk7RXzOdjYvH5LR8mSBc5phevvsymWuHnH-rGs-7suVhzVwESYXOEE2DWlGb10lZoujekVp66RozBxuCOC-8IOCI485qz2fbbOX4ddFJa76tWi5BOVD4v4o9EPoqsdnHmLbOjMzPgbCnKouemwkCUF7wnztrbJ_kdCn-Lvph8eAQPpbyguD-7mYUdG7dfal4_K-YTcV-O1BlufrrMENMcCeqjXsFQM7BYBMwOaVlUCflqtKFqzs_4paldmllkRx28yyksDO3fyxZu-AF3-bE1Abs-PWbG05NdyNyszKLZdTm07dLWb9CEEZk6ko5OJQrHCx_gDv3cjQbmiBv5klDq_KXJSZBkf1apPHiuPbLoB5S9Bw-n_44Ep13nLqk5zUCdXFZQrraqFj1ILexF-Wshe9y_1FeSD6oP3a9-YLgsNrT6dG1y8U0gweFp9aAUg4S6MhbL2LbhMsuXvvH4NlKrJh068svn_Em9uBn206mXoG6Jhll5ob2pfxo-24fyrqDZ6DJndWDY7LoN6ATLZCVj8CXxx7Yl8MCwRzPQ5jfPOPp_zJA4Mh_Srr_i9Qob_0dxHdzzcaTkRrCrbzv9xvxRhffq2C74TJJc1iNkH5J6tRZFspZ5dsxoTc0_BByv4px9XbMb6ViNyGPMBb4TiIGyC60kR7W-F3vyYoQgrRF6k3ah7yF8GCs0Ev-TCoIdpMZaYZ9dUhgooFksQo6CVPNqTP0u9H_MgTKxuZfxZT09ZXdeD9YsApaKnFPkG2H-rKB6_Km0hPLbuKDB3ZJ02sxHA2WO-jkLh-0-lZJWjV6TYiIYCnWESGAz4cArwz4qtFRVzNhjWbtcb1pX7gn6YPSdT5Ny_sbgYQmYdoDuLps1-J81tGqBLbbWbBmRQMoN7u5jR-I0ATSxOVxilX5m7cmYZhUsgZ6aticvZpdN3B9-X1DJEQ-mnm7Q6WtNknhKOU6XsYogwB1wMsEpYZoF8o9No798MJX6UO3cs-7UbaDSyYW4hLVXqisDIyqtFK5dxgHIIlc
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 61F1
4 KB
649 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 10:13:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 10:31:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 10:31:44 GMT
/
hal9000.redintelligence.net/scale/ Frame 61F1
25 KB
25 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6aa29b43cf5f135f71f94386bf85bf5c6a72046283995c01bb528bb410f8ba75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25412
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 61F1
21 KB
21 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1a2c3c62263500f4a1b2c2acf9d63ccf033cdb7daa16e23d9fe33ced9c72bfbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
21235
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 61F1
27 KB
27 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ed1bfafb4f6fd582f878c4cfe2d545b42365ab7f10659a41c86c8c51cac5d88d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
27287
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal90008.redintelligence.net/ Frame 61F1
0
150 B
Script
General
Full URL
https://hal90008.redintelligence.net/viewability?s=71852900055976100757591011897008&a=73791cf8&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1DB5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1&google_push=AYg5qPI3CO7W1jvXQ526WJd6VxphkA0s3L_SRqRKk5MepK50tSHjye8-QSLqInDLmvl7PXBWBOWazLcMpT8GohWHXnkZK63qX_iT
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwOTU5NTQ1MjUzNDY4NTQxNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 1DB5
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAb-4DjIAAVpvAY6rtoqFLQ&google_cver=1&google_push=AYg5qPJmYKeMPfx8t1iSyIW47fszQihwQMoZ4Y2o55Mrt1baAefO-sXOymo0ugs2uT704TxWg8gcpypqSPxLLre7iD8uUg2TKely
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXBmOTRLNmkxTnRsdk81&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaO...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXBmOTRLNmkxTnRsdk81&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXBmOTRLNmkxTnRsdk81&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENeDDmUtR39uXSEABuvfdIA&google_cver=1&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuB...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 13 Mar 2022 10:31:45 GMT
Server
MT3 4256 109297d master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Mar 2022 10:31:44 GMT
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMXyRJPkbYKyiOjxnqlaTkM&google_cver=1&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMXyRJPkbYKyiOjxnqlaTkM&google_cver=1&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9S...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN&google_hm=uXus4HtaS9qTkiF2Qobomw==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN&google_hm=uXus4HtaS9qTkiF2Qobomw==
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN&google_hm=uXus4HtaS9qTkiF2Qobomw==
Date
Sun, 13 Mar 2022 10:31:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHXg9SRCT5o-T--5_23zPp8&google_cver=1&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC28...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHXg9SRCT5o-T--5_23zPp8&google_cver=1&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5Zykj...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5Zy...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5ZykjMk8gANk-gJjdFi49xbwx
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5ZykjMk8gANk-gJjdFi49xbwx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 1DB5
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KAzDjNo7VscRhxg9BDtvOjMB0nv_uUUZ0tTGaYSnhxJYLFmt-_xW341II8_e2oVymSUswn
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame A183
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=301711144975138&bg=!d3SldDDNAAb7UztL-1M7ACkAdvg8Wql9hv4fPAVt7YvUxFBhGG6mhcfybxOVtKWXffkTRyNlLBcLAwIAAABnUgAAAAJoAQcKAJV6Mc3f3coT9Yufa1dlcyiYkCc0iLYKuPBcC4gnrN-Eaop8MiaroM6kzlHIl0xBeSy-paeIXM4IDKZliOce8NJU_gnb-N6Y2hl7izBnuPmTfOa1V_KAPpFXP-U5rfigB29wfu_aWbfbHA2iu5O_ktRekBqIEhGteSFiOrhe4-VlMf1OPSdf1WjCOlScSsdpS8MjjNrC_ZkC53gBWCOfxo6ADsH4xDcevMTTTTd5N_oriwfKoSf_9nSjdiuEAUuAh-6rmuCrNrVJqqxeagtZn3Phu56o-fhu92qD0MhJpsrTlik7T_0fboujx4Q50odE3JQL3yXutU70VOoQv2Wlj_7g35vv1psI5OozXfoVyUBMCJryifXU97MkdWcspk1nEFwQ3I493WmwE78ogeMxKtukeU6_FwDxXnS2Ien5AtduviTvT5FUmdpa4_Q42p58uBzLXwcBts4YjdzTec4VBEjL_C6jPNlxuKYS7SuL-cmAmPfUTuSCwzC0EQ0fdH2jqX3sEEy4dK6gczJN2VQ_TDfgreIXO7YV81I0kEOwaY6GfFWCyVDpNFU8hLjP4Hkbs9nUPXvnWl9GO8JMfZ1hQMlwAjjHtJUStLZPb8v3U0Qg2AvfUyulECdyWq3w9Vl_0AIUEGoV2DJ6oQbW7exdmbdCQC-PKKXHgBTAF7_ajLWtg-g_rjG98g5mprtfmMxE4DuA3EoJ0GUIB1VcO4AgAs0NnS_5Bb9DWaNpPSJwjgZtpGVRDUK2bdLuLOIx4AbEGJXavmVzwa7_rTGgmlDCk8HqArbCe2Y1WcUgXsJh6sQBhgXVc5WpT7FFqkhPDsIovAkTsPmnDBT8evQpAouX1J0L1Z3wD4zgDLgW_TK5i-KWPji0dRT3ZsErz11u1JfN2VCXJ5qSAHbZI7A2ar6XU5OkoBBq4dQWZkyfLeqy2eD7PIHhWrsQ0YFlW87BFJzkQjtHnO_W2I3pvC9ffOx3bDYRCIdm-RsqO0g8wzKaDjHe8ncYO2wRO5-pP_J5qbs-9qtKf7ScgnZ7Z0Qn2MhcpjC0IrtKjhQtRO7CQXzOX7HhqHmoLVpipA1CgOVPNwcOAj1Ca7r4StW-oKJuHd0z7sj78cBWaw8SCcRv5z-L800_6mLaB_QXx1xDTwUToThCMpggqloTZy_vbbBD-aXvHTcGxjU3x-46BurxRTRkRvj4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80F0
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=4210770730355657&bg=!T0ylTAjNAAb7UztL-1M7ACkAdvg8WupQv9r8wwEmdBwUpXK0A71-G_hJ4VkeHjmk22Gzvb5IF_jlPQIAAACEUgAAAAJoAQcKAEv3DbdPKj7BabzAz95SF7Jy0SIkzc-7WRGv7p5QhsiBmScPenX3nU8ceCCAVI5lXYAMlYPgCNcs3mA9AItY74dwBeUkdUigJF5MfD6ZAu_XKaJ3tYgB7iCMbCZuKZbt2LhuYwaCgtu9uCeGViHrqxIQM2pq9f0qJL5_PBf1DzRG2wABGUhziFtLBia1-2nx43S95hQwxCMa6mz4fN5LKyzWt_dPJcGWhRrH7wqKSUeQ3heWtF8aUT97z4Kt4eYJKKHtyPw5xseQz8YyhnPFRv3smcrXAzFcK1LduqLQqf2zR4wrymJ1pGSVvSnmnYYoqxrtT0jxwkJ-i0cDSDaDROr3q5zLNUvod-O6KjCJjrzYX8lFkZsA5f5NACWhgxJ-9DTvOq9RRbVnvrBDZNICQIUsOfJKo7mwLzmHKFxZ4_iE_TXuYr-mh_XCL1U4tmkQvdmqWOKrCB5ORGWvGyQyrOxOTWHkdxov9tLMY2MxAneI8MezIu_TTGBcn6D9xFvZBCDr5JTibs2yVO4CXetzDxW4_bIlBeVj92-fbnbhm_GgLCMMoMFGyfUnuBDos2AQAO5ooYv7vIb2EsJ03MI38p9VnzGj4xgNctjMd7n14JwQ-xYVSZOtgtNRF3Fow-nfpddPIV6-EpMBVqv5D8irNswLzdea5Zk_8XXaM41sB32iyes4Z3ETTI3kLVhW8nMBSlP1zer6m8GeAtgsiwwwktuWoA3N-nCfIC4BSsV7Q-v55EmVPTcO_50PiKPWrGtGOpbWxGbWWT8cxLTylzhfSYdCFiLqdPzuGlZeMNNAUbHmdzIq7FLcN0w2NzEduWnwxPcn7FNzYG6AMMJ58GVPCmC7SnbL6PgfAYLxELf3uDfFHSZ6B8adCtuxtwQMft5ixKUKriqWpcWNVyK1RCBnunzNYZpJuuBs1NMHCMF1Lm2q2NgDomxcWOfzqSu6ePpsoG0SC9RX4K5mNWcVdXk8fkxxcIZ4IWLCinyPonMAREBZY3lss_cOJf7dF_JEqjLh887yAAzIpAsmbfiOtT4Qg5hNGhTXrvxm7zLlQ1SZHQvaZgJhugcCT42-YPyZBFWtsp1-PTTtAc6mGzsfm0d2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 865A
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Mar 2022 10:31:45 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 61F1
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:04:09 GMT
x-content-type-options
nosniff
age
318455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:37:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:04:09 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 61F1
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:03:30 GMT
x-content-type-options
nosniff
age
318494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:03:30 GMT
collect
h.clarity.ms/
0
48 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:46 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| structuredClone object| oncontextlost object| oncontextrestored object| CloudflareApps object| zarazData object| zaraz object| dataLayer object| __CF$cv$params object| __cfQR string| GoogleAnalyticsObject function| ga object| __cfBeacon function| clarity object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| Popper object| bootstrap object| _0x4eef function| _0xf565 boolean| _purpleadsWasLoaded object| _purpleads object| a2a_config object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init object| icons string| svg_tag_open string| svg_tag_close undefined| svg_src undefined| svg_src_default number| a2apage_init object| _0x4517 function| _0x585f boolean| _purpleAdsDisplayInit string| purpleadsInstanceId object| purpleadsAgent object| L function| mytextcopyFunction object| map object| marker object| popup object| _leaflet_events function| submitForm boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| color object| recaptcha object| closure_lm_21805

51 Cookies

Domain/Path Name / Value
.nets4.com/ Name: _ga
Value: GA1.2.1312843398.1647167500
.nets4.com/ Name: _gid
Value: GA1.2.901498445.1647167500
.nets4.com/ Name: _gat
Value: 1
www.clarity.ms/ Name: CLID
Value: 37ddc69b256b410299e180d220ed0294.20220313.20230313
.nets4.com/ Name: __cf_bm
Value: NJLbx5Vul8Wht2ZXmftQnoB_LmZSzFnUPqw34j8Eahk-1647167500-0-AZhfj24FXuGoXEpev4KeuUgFdnuX8Yg+wq62vpGaj1ZImN4HUsRcD8QaM2ZRcV67qDPJzwN+KqxS3mCAs4CXONjkE0X8wSAAC5eVNBA5AGpCX1SRLHaVa0d60ykOwPNEGg==
.nets4.com/ Name: _clck
Value: 1yvhi18|1|ezq|0
.nets4.com/ Name: _clsk
Value: akmazo|1647167500948|1|1|h.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 003CA7597F3E6ED90046B63F7E556F47
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 003CA7597F3E6ED90046B63F7E556F47
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUmpYfRT9wzWDJTgMt5mCpdNBkYs_nK7CCK6itZygphCHLDcOkHuslGUH3oSvWk
.casalemedia.com/ Name: CMID
Value: Yi3IDk7X9JUGhnCcR6qUaAAA
.casalemedia.com/ Name: CMPS
Value: 3274
.casalemedia.com/ Name: CMPRO
Value: 1103
.casalemedia.com/ Name: CMST
Value: Yi3IDmItyA4A
.adnxs.com/ Name: uuid2
Value: 1410841610829892734
.casalemedia.com/ Name: CMRUM3
Value: 2d622dc80e2760CAESECQx__UuNuZglljIjN5GU7k
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Md:R/z!]tbPl1M>e)ZlrFUfJ+tGXxpCC`zhvU?AELRnC8`Sl2H<NE<)oaRt(-r4a1z*bpRz*qF1`*b^`j)k_3s
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 3b58a4cbc94b9715
.nets4.com/ Name: __gads
Value: ID=6bf49801c8b0f0f7:T=1647167501:S=ALNI_Ma-2pTd4Th25scBsEIeyhjqF7kSIg
pb.media01.eu/ Name: ASP.NET_SessionId
Value: l0xu2r3m3ut1k1nzr0p1whhh
pb.media01.eu/ Name: DTU
Value: C2C97D293B5C126F84FEE263D37B1815
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7246275579942169276
.yahoo.com/ Name: A3
Value: d=AQABBA_ILWICEFfQXLkU-OtETbK-6WyGkHAFEgEBAQEZL2I3YgAAAAAA_eMAAA&S=AQAAAjfOKmEBu-7kSy7HPfwx9BM
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1647167503622,"clickCookie":false}}
.awin1.com/ Name: awpv18692
Value: 296283|1647167503|c7111370-a2b8-11ec-892c-22623498ce3d
.awin1.com/ Name: awpv14098
Value: 412871|1647167503|c7116191-a2b8-11ec-8df2-22307a82f47e
.turn.com/ Name: uid
Value: 4309595452534685417
.simpli.fi/ Name: suid
Value: 5C964958223F48A89FFC7F9C8931A585
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D9286ECB-3637-4C16-BF53-D119EFE5BA17%22%7D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4ba235ce-d577-4322-bac4-4afb85905177-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4ba235ce-d577-4322-bac4-4afb85905177-003%22%7D
.tidaltv.com/ Name: tidal_ttid
Value: 14e60690-947c-4cc9-ad2b-c7a54e4fc8b8
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA1tTI0sgAAlutZPgkAAAA="
.spotxchange.com/ Name: audience
Value: c7683bf4-a2b8-11ec-b99f-192cb16e0206
.awin1.com/ Name: awpv22610
Value: 296283|1647167504|c77a0e70-a2b8-11ec-8df2-22307a82f47e
.awin1.com/ Name: awpv11830
Value: 296283|1647167504|c77a3580-a2b8-11ec-892c-22623498ce3d
.awin1.com/ Name: AWSESS
Value: 357066:2338577
.quantserve.com/ Name: d
Value: EG4BCQHTJYEA
.quantserve.com/ Name: mc
Value: 622dc810-d4c7a-495ab-6fb76
.w55c.net/ Name: wfivefivec
Value: ipf94K6i1NtlvO5
.w55c.net/ Name: matchgoogle
Value: 5
.de17a.com/ Name: guid2
Value: 1.625117972977003571
.bidswitch.net/ Name: tuuid
Value: b97bace0-7b5a-4bda-9392-21764286e89b
.bidswitch.net/ Name: c
Value: 1647167505
.bidswitch.net/ Name: tuuid_lu
Value: 1647167505
.bidswitch.net/ Name: google_push
Value: AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN
.mathtag.com/ Name: uuid
Value: 7fa3622d-c811-4600-9976-fedd518acef7
.mathtag.com/ Name: mt_mop
Value: 4:1647167505

4 Console Messages

Source Level URL
Text
other warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js(Line 17)
Message:
<link rel="webbundle"> is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://nets4.com/domain/jesus.co
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3217454138234025&correlator=3531863666794276&wbsu=3aa1f46f-90ab-4faa-ba6c-fa63efefa45a&callback=googletag.wbn1&eid=31064926%2C31065293%2C31060545%2C31065455%2C31064624&output=wbn&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501926&dlt=1647167501430&idt=480&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=2045&ucis=fkokrfwtenuq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1310200072&ga_fc=true&btvi=1&nvt=1: WebBundle format "b1" is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://nets4.com/domain/jesus.co
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3217454138234025&correlator=3531863666794276&wbsu=3aa1f46f-90ab-4faa-ba6c-fa63efefa45a&callback=googletag.wbn1&eid=31064926%2C31065293%2C31060545%2C31065455%2C31064624&output=wbn&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501926&dlt=1647167501430&idt=480&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=2045&ucis=fkokrfwtenuq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1310200072&ga_fc=true&btvi=1&nvt=1: urn:uuid resource URL in WebBundles is deprecated. See migration guide at https://bit.ly/3rpDuEX.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
a.tile.openstreetmap.org
a1.awin1.com
ad-server.eu
ad.turn.com
ad4m.at
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.purpleads.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
b.tile.openstreetmap.org
c.bing.com
c.clarity.ms
c.tile.openstreetmap.org
c1.adform.net
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
cdn.purpleads.io
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.clarity.ms
hal9000.redintelligence.net
hal900021.redintelligence.net
hal900024.redintelligence.net
hal900028.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
img.nets4.com
medialead.de
nets4.com
pagead2.googlesyndication.com
pb.media01.eu
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
s.ad.smaato.net
s0.2mdn.net
s0.nets4.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.addtoany.com
static.cloudflareinsights.com
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
tpc.googlesyndication.com
track.webgains.com
ui2.awin.com
um.simpli.fi
us-u.openx.net
uuid
www.ad-server.eu
www.awin1.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net

104.92.106.130
104.92.94.3
108.157.214.118
138.201.63.116
138.201.63.150
138.201.84.252
142.250.184.194
142.250.184.226
142.250.185.102
142.250.185.194
144.76.238.55
145.239.193.130
151.101.2.110
169.50.137.184
18.194.22.119
18.197.240.17
18.66.248.50
185.29.132.241
185.33.220.216
185.94.180.126
2.21.141.232
2001:678:cb4:bbbb::11
204.79.197.200
213.155.156.181
213.19.147.45
2600:1901:0:76b9::
2600:9000:225f:e800:1b:5138:8a40:93a1
2606:4700:10::6816:47c5
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6810:125e
2606:4700::6810:5f41
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:27::cafe:1425
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a02:fa8:8806:12::1370
2a04:4e42:400::649
2a04:4e42:600::649
2a05:d018:24:b002:fd0c:6a07:bd55:e3a8
2a05:d018:d29:3601:b73:5e1d:a8b6:5551
2a06:98c1:3121::7
2a0b:4d07:101::1
34.227.128.233
35.190.0.66
35.244.159.8
37.157.6.246
46.236.13.147
52.142.114.2
52.224.31.34
52.30.107.253
54.76.176.197
88.198.250.30
88.99.165.19
94.23.99.218
95.100.153.115
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
04923c5e207caf6c7f88f1e723ee1e7e6e46d701d42ce4dfd45dad4ebd0c78e8
096cfb56ab0d5ca611f0511fb95e8451322f44a0b9c2514eee76869c267d206d
0a03908890ad86d977ed3c126f30724071c8729279c7a47d052f6743159f5e75
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb978d5472963fc09d519246511b7b146dac5e9033348bb1feef925410d6c45
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e4ee29eaf66bf9f1df2cbaeb71819cfbbeb22aac7e36fc9b02f2f04e511c9e3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13977410c5d04cd79154d66ab78bd610f7bcba84a5ebeb673defbe750d7623e0
144a80a98d18cf0f7f84176d9ccac08f200db3dc231b281862cffe3803cf49df
146bdc3c0d9ffce08f611fd426c9f5a6d9d003c7aac7008064f5a41664f9f46a
1500b60e9892d70bec1c05722802959fe7babc02c8e268c3b10a108bb9070013
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12
177c62e1e94a67cd07a9c7a8a29df3e09ee7b9b8c4e180a113f4b3f76b612c95
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
192fba245c012468da2443940a99f9ca13257f2a57f1932d5736c318e8a92d6b
1a2c3c62263500f4a1b2c2acf9d63ccf033cdb7daa16e23d9fe33ced9c72bfbe
1d2d6cda758ae9f4f0d97d348293dfe0eaa3b36a3ddc8467f0ec99ebea7a57ed
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ebd9ef5e1ff89780334c05eec1b416c72578ff66d763166ef65a82f4791d0cb
215568fc549dd57a2be6a6e7ecaec66ef0307923832ed445deded31cbe258655
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da
21f07320c24e26e1fad8927ea34e6c82c4c53e8e235dac2e0cb8378a82632ed3
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
22d7e00449ca81f34b0926fe4573ec056a674d959ad42d7fa0ad680e90f27992
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
24dbcced82a1b52b704d4353e10b04602cba0ad3ae83112b7d3520dc7a5df0c4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
268314ab319caf7c48f031375ae04f67c9e5bb1bb633072694628fb0ea2591b0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2a3656cc3dc3ed53e485cf84e47918685e694198f3f97f06f16533e6d86b04ce
2ca375d8fe3464aaefcbf4f826970f9cc795c5875741cfe05afa53937ade429c
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e616c353ac56bd9b110e8454e004ace19e8af57048bc40beca45b7d9abb55d2
2edfb8e5a246cc2bcf5bc25c9f7cf90ea68ab2d8e555869908ca750b8c4a1f75
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
349620e1a7233d74138f3c20c21b9e518440d61d3a6087894638405b45c3cee1
350bebaeb7e2ae8396b259b6b7c98a92d0748299c5b06fb97b5d3a7b69429115
35a325444a0bc4175c8ce57a68c40668f032fdda466aeaa609a23193d6eb43fb
36ae7cd197f222a180957b29c08cdc6440561a9fae3aeeb757ec42a63d90d972
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
3d8e0bf009dc4593891079ba62a08eb9e8fc165dd367158823e41facbf0494cd
40e978ebe9f3ec208164c8b123cc96a0951060daf1182c0c4e230695c61f1f04
42209466a0cee1f96840538c1199f541720c02d34fa7f6cf499019a2b22a477f
4480fa1b105970ac52f944596b9ce6c6ab0adf0790e84511b66f93ed471cf480
45782083d293574ae5c2febb453d76d965ff2f0c144e816a4e6814fd9814a973
4737c095b2fe07c3277576ec1875b043639cdf54d6527ede7109908abc6d299a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb70b777e2e28b115fb3154f38891a6fd251dec72c0173c79c97df3f32a897a
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
51d1824c15484bf9e5f7eaecda2f6fcd87ac497425e14e21b36daa2bab07279c
51dcc2b5c50fa27a20b0c05bdf26f5b496b6bda930b087ccd0ae4856e68628e2
527b4867bcc7b8a38fac16fea9cc147439ccbe2bb0e23d194e152d1f8d65d154
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
539f15bad34896844475a238302138e3ae85c29209532264254bdc28daaa3edb
54c706dae9926641af2e18a59361fb06195084976f0dbbafc0214adc8ccdfcd2
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
5aa62593f059da36f7a9c7afabb0e0b9e6d35b60340684d40672e36e7205b4ec
5e7a58fa4a0eb39a6258df9ea0ea084c7d77a0ccf52caa03ffcac50d27f2e52b
61098cc685e1ee432a4f0898efcc830dd9375b97788ee674519c774e418b6361
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64cc219a5d11213dd0ae339608cebdfa99869a9f0010b236f7bf42b893757b69
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
690a225808e1830ad763cf573a3a0fef011a000267d34b5776f922e79531a7e9
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
6aa29b43cf5f135f71f94386bf85bf5c6a72046283995c01bb528bb410f8ba75
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
6bb6407cde0b1ec326dc517b9db18feb3248ad68900ad9bae04db186a707da17
6ce9c974eddd008645e638d66c7029179ae19c8b271365d4501e82e6e9d54c13
6e4554aebd04601666c4f5f429267fd7518ba1f7658c0f66450fc79aa12c1908
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
70d75afdf2c4ec977f52f0977d52e4137863e37c88ed4cc45a2a40b038abd8e1
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
7bbf02d07a9047481f569d2705cd1a395da1c314f0b19cc96558ba97c132b6ce
7d851fa6f8a004b6b8929316ffecb82459ac179ad247192431c7279dd600c39e
7f44df6024871e07a9dce8999ff5aa6292613928aee3600d398384cabea67095
868599f683532d79366bfe9d89e2071bccf655ad0e67a2ca9b379c03ffb3a5e6
8b4fa49a1fc6f0c438705bcb65f85d81b05adb553adf3d2a2f2837c29f5a9aa2
8c6738b987d7226be8dd8628a78a7b8d0de03d1b3883146c547bbf8659df820d
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
915b59897b21e9be15863aa5620b17d476996da229da123482a584bdec59b197
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
946568e52dfc8128302488404fed54469e7f8a2de085f2617ad97c00402e41d9
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
947f287476fbc9b0c4ca3fc97b70fb7cb6e7d85204d48c5da1b7df38d9fabee8
94bd10db36c3bc5c0bf38ffc55585c96abcc31f8e9957ed6e0c87c9c5dd42f77
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
972bb3d2fed74ca3b0bf9b43dadcda8c373ee8780816ba9b2ef6bd05da724138
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b91a220e9397e5c490918cd2d49dd3db349e276ee15c824f89d6c9a554ecf66
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60406d427e511fb8b6f6a483e4b6f028101e150ed2447d38d5d98418afcb466
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83cacad35cab9d5df069442d67efabf7c2a71dc4d78d2f6b8044bf332b50fff
a9765a17e251c504631928177f8caac5462c7f105aef5b2385ea96fe591d6818
aaac48be454622fb624348d4cd72ff1983d195ed341e39f25655bf181eb2e44a
aef780d4bc2115d3b8eb19d469e750879ca2a97bd4f921753d14b0c73352cb9a
b028d17ab2e8d0fbb2e1a8fbd4e48b45b8b4da712f6e9521615140392235c06e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b4d5e67f4e69cce189da35aec15fd98da62b25d00e3b37f9a51a0facbee9bf
b4b84531c5dc764af9161a56997edf9b4c67e661d9108c6d346ca6944c10716d
b631526f714df2128b0710c305fb7a3b5aedd8c3cbff56e49e22a0e9391bdd71
b98df999bf23647121d5b612d14265d9d1a35e7dfd12f9c3d0bf46394b1a10eb
bafa1db2a6708b6401e11e0b2ac4c5bb6eddf4c25e5a83b7eb391fe42ab34a2f
bc8854601f38c9e4fd09873ba3edf5ed493e51d3187205690d91c73054116e42
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcd3e5551b1b124d71a393467a4f48238ae52dfc3843f793c374b684574faf3f
bdd767560960de0c7a15970ea3b16451cd57550d82babe95dc4aae0caf38f277
bf8731cd02a2e9466c545c3b8a76496a9550af2816014533927223bbb51cf2ce
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c20db37b0415137d094d2f4b92c2db53064084af00af9638521af4a60e3202b5
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
c47693176093dad0dfafc4a0b1ab372a994818e9690a7ed0219c3ef021128d91
c5de476e2821c786cd2f8605323df45a1035e6ff01a613219ec96fc034a863bc
c60dd9372c9ff3fb4a9ad4c841dea15b5f625094870c20c892f1c57092f14534
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cca36826c839c9b3779224cba3025ee800a077f7de6ce8edb7501cc3d1125447
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf07f4e2b9da5553441038123a2ff2fb6312d9561dc698248f6d59718a956432
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1f2d2e5202f3a1baa8751d93b62cb65f8ea0f5b16d64d78a00b4eff91f9091c
d2b59825f8e99fb2dc98d6be2a590fea1d87ddf24d33acc0ceefedbf4b760ff2
d47ba8428cacc9252d052784dc6573ba82a5bde0a942c7a80850436a81eabc59
d5140090ecc6779cabe638c5e55c8235006b86f1bcab23d89abcf02e163ad3d9
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d64a80887c78bdcf8f7e98331022b155ce3ec4eb75e254e1d15a15663e80192e
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
d85aa20f051e49b97778c825c881639067f6f5fe70965391cc5098977c6df79f
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d970eb0d01e5cc2cc4d6582c21de247cc49537cbdc5ac5bfe831f91b185b93c0
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9a9a19991050ee3bc32c91ed4df32051a445d9175f6fa45228d123ce0b42ecf
dbf6e5b75a285d830029955456eccf8419055e96d252f56a53dfc613cdd74a78
dc96ff8709fb90541d88f19f338e82407556aeb4719befe3a637c53955bfe6cf
dca6b47d1b1344b8dd75f53684acb1030b705199079a5419e9db1140a4361e19
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
eb768c34f5b170271948a59c94651c37fd1214d64e1bd8863f134c508b905de7
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ec4e04bf6aa1d19b00d36e194a14e06ffc6e75ec1cad535230beee9adc322e82
ecb2c263569e4a90ff051652e6dd3dcd148a591ff1b8412ae692414d547b0241
ed1bfafb4f6fd582f878c4cfe2d545b42365ab7f10659a41c86c8c51cac5d88d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff717678e5e48fe42ffb6ce1ab2ff63d78a07a6c31eeaaeb8232267469f9a57
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc
f12f9c973246403ba908674bd2848ac00239354fa1521217c5c103c1c0f5200f
f2978863218394b3c44f1458d9dde2eb0af779d06b95bb96e3a1aea49803c129
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f96caee1cf100b342e61f134b36c0673d6a1d5bf9eecbc302f3a32de281b8163
f98ff8ab059bdef9ea7fe9165a4e74fce15166abdbb8dd25307b7b7d9ac26ddd
fa5a146917b566cc193446e536691259f7ef5506fb99fe5f17937a23b2e6d3c3
fad88df6f78eca6556822fb4a8d589ac6b8e89a95434f05cc13a452d2f63b6ac
fd05ef9807b98a27b9e65f2b5ba48ed0f3924630b80d1361aac1eaef3976072c
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e