urlscan.io logo urlscan.io
SecurityTrails logo

proxy.my-addr.com Open in urlscan Pro
91.197.129.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://proxy9747.my-addr.org/
Effective URL: http://proxy.my-addr.com/
Submission Tags: falconsandbox
Submission: On November 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 38 HTTP transactions. The main IP is 91.197.129.74, located in Ukraine and belongs to OVDC-AS, UA. The main domain is proxy.my-addr.com.
This is the only time proxy.my-addr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 91.197.129.74 8870 (OVDC-AS)
8 172.217.23.98 15169 (GOOGLE)
8 142.250.185.162 15169 (GOOGLE)
2 142.250.184.194 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
7 142.250.185.193 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 2 142.250.186.36 15169 (GOOGLE)
38 9
11    91.197.129.74 (Ukraine)

ASN8870 (OVDC-AS, UA)
proxy9747.my-addr.org
proxy.my-addr.com
8    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
pagead2.googlesyndication.com
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
adservice.google.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
adservice.google.de
7    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googletagservices.com
2    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
Domain Requested by
10 proxy.my-addr.com proxy.my-addr.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 pagead2.googlesyndication.com proxy.my-addr.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com 1 redirects tpc.googlesyndication.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 proxy9747.my-addr.org 1 redirects
38 10

This site contains links to these domains. Also see Links.

Domain
eproxy.my-addr.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 10 frames:

Primary Page: http://proxy.my-addr.com/
Frame ID: 66A27ACA7D2FEE20F31E1DAE8B8106B2
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211027/r20190131/zrt_lookup.html
Frame ID: 2EA89D838DC68826C4DE74F829EA49E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=15&slotname=1955924050&adk=138760809&adf=3237701139&pi=t.ma~as.1955924050&w=728&lmt=1635785459&psa=0&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459626&bpp=3&bdt=208&idt=100&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&correlator=3736974965696&frm=20&pv=2&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=438&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rUe1jK9iyY&p=http%3A//proxy.my-addr.com&dtd=118
Frame ID: 37FD187FC10A01D9E81FCEB215A62486
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Frame ID: 6EA69E33B4CF24564AA7D64DEB7D2B8E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=15&slotname=1955924050&adk=2779156746&adf=3495277003&pi=t.ma~as.1955924050&w=728&lmt=1635785459&psa=0&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459630&bpp=1&bdt=212&idt=129&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=lPbDe1mKGQ&p=http%3A//proxy.my-addr.com&dtd=131
Frame ID: C16845E6A2A8FFC2429BD66D2B59FFCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&adk=1812271804&adf=3025194257&lmt=1635785459&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fproxy.my-addr.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1635785459639&bpp=1&bdt=221&idt=123&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=1955924050%2C1955924050&nras=1&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=127
Frame ID: D7A08931D00630AA8396B01E8FC0C6D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FD576A74469D405E1218415AE9677DD9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
Frame ID: CB22E4B9F523B2F06623AE8C7CA55DAD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3D18024A3636A0C1B07CD10E51715863
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55336BC84105FB531E9B9F108FEF314E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online web proxy,free anonymous web surfing,anonymizer,proxy

Page URL History Show full URLs

  1. http://proxy9747.my-addr.org/ HTTP 301
    http://proxy.my-addr.com/ Page URL

Page Statistics

38
Requests

71 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

2
Countries

363 kB
Transfer

862 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://proxy9747.my-addr.org/ HTTP 301
    http://proxy.my-addr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
proxy.my-addr.com/
Redirect Chain
  • http://proxy9747.my-addr.org/
  • http://proxy.my-addr.com/
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
54fa3ddf06b6cfcb3fa7b66270f15c681b6474af4b30bd9f51842278c89cc70b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.2.1
Date
Mon, 01 Nov 2021 14:09:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx/1.2.1
Date
Mon, 01 Nov 2021 14:09:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
http://proxy.my-addr.com/
style.css
proxy.my-addr.com/myaddrproxy_img/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
bb8f1fd9eac6417a7798877763a40fa7d08107c0a426ab68c08d098c2d05b635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5601
Content-Type
text/css
proxy_header.png
proxy.my-addr.com/myaddrproxy_img/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://proxy.my-addr.com/myaddrproxy_img/proxy_header.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
40a6db698693247573884faeb582a2f0b5bf69c9994267f2e3020b3f21718055

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15823
Content-Type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
6d1a3d9d472ca7cd6a1d8f5007e663630c65721e95f9735513f77b5f5ca8834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 01 Nov 2021 16:50:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
18054559690079104249
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
51581
X-XSS-Protection
0
Expires
Mon, 01 Nov 2021 16:50:59 GMT
start_proxy.png
proxy.my-addr.com/myaddrproxy_img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://proxy.my-addr.com/myaddrproxy_img/start_proxy.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
7fd96699e6395d34f2bf22d96512de7c00ec9a9703b152bd821a02bd8e8911b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1538
Content-Type
image/png
green_arrow.png
proxy.my-addr.com/myaddrproxy_img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://proxy.my-addr.com/myaddrproxy_img/green_arrow.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
420dc750f6d3b6eb2098b252b2d92b5707402bcceeb8580f1dedd5a21b974145

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4386
Content-Type
image/png
whitebox_bg.png
proxy.my-addr.com/myaddrproxy_img/ 		158 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://proxy.my-addr.com/myaddrproxy_img/whitebox_bg.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4d27e49e2b5b96a2951948fc1779ab3d8fc7100f38e6456bf11159b8144d10aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
158
Content-Type
image/png
skybg.png
proxy.my-addr.com/myaddrproxy_img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://proxy.my-addr.com/myaddrproxy_img/skybg.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
29fa8bd22f9b6dc47e71c02de5dae69cad3ea00b60e712257dff52e63ae47ed8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11175
Content-Type
image/png
whitebox_bg_table.png
proxy.my-addr.com/myaddrproxy_img/ 		119 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://proxy.my-addr.com/myaddrproxy_img/whitebox_bg_table.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
e74f3f876d03d649ece3a59b21b0cf03c9e2b720f9daa98771deb34bc52b07d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119
Content-Type
image/png
skybg_dark.png
proxy.my-addr.com/myaddrproxy_img/ 		292 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://proxy.my-addr.com/myaddrproxy_img/skybg_dark.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1d3e99b9e8a549e37f73b35938d7b2ff957b5bf367a04d607902f1f068216720

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
292
Content-Type
image/png
bullet.gif
proxy.my-addr.com/myaddrproxy_img/ 		105 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://proxy.my-addr.com/myaddrproxy_img/bullet.gif
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c28d184e92bc7a99b9555067b726abd39dd28fa511d9eb7f0f9233e73a5b3f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 14:09:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
105
Content-Type
image/gif
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/ 		269 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
7be7886d62ab185695ef72c620fdb233171441d85b9cbbed04f75c92f4ea9453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98909
x-xss-protection
0
server
cafe
etag
11622704919876612689
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 16:50:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211027/r20190131/ Frame 2EA8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211027/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
2ba6c99545dd22a1ceac617b8abf42bd5347ea8a3c6c2baaf9e4ce98da8c2e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Nov 2021 00:29:10 GMT
expires
Mon, 15 Nov 2021 00:29:10 GMT
content-type
text/html; charset=UTF-8
etag
3095056338170221291
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4754
x-xss-protection
0
age
58909
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		201 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=proxy.my-addr.com&callback=_gfp_s_&client=ca-pub-6773924891626056
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9d9ddc6dcc51d462a867679042fdb6298f8c3b43d83ee2ea980ae133744280f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=proxy.my-addr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 16:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=proxy.my-addr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 16:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 37FD 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=15&slotname=1955924050&adk=138760809&adf=3237701139&pi=t.ma~as.1955924050&w=728&lmt=1635785459&psa=0&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459626&bpp=3&bdt=208&idt=100&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&correlator=3736974965696&frm=20&pv=2&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=438&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rUe1jK9iyY&p=http%3A//proxy.my-addr.com&dtd=118
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Nov 2021 16:50:59 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 16:50:59 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6EA6 		67 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
759552517bded9773d68d9718f29c21986b14ca35b1f05e923ce187c733e6730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Nov 2021 16:51:00 GMT
server
cafe
content-length
26352
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 16:51:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame C168 		603 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=15&slotname=1955924050&adk=2779156746&adf=3495277003&pi=t.ma~as.1955924050&w=728&lmt=1635785459&psa=0&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459630&bpp=1&bdt=212&idt=129&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=lPbDe1mKGQ&p=http%3A//proxy.my-addr.com&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Nov 2021 16:50:59 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 16:50:59 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame D7A0 		0
142 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&adk=1812271804&adf=3025194257&lmt=1635785459&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fproxy.my-addr.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1635785459639&bpp=1&bdt=221&idt=123&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=1955924050%2C1955924050&nras=1&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=127
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 01 Nov 2021 16:50:59 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 16:50:59 GMT
cache-control
private
13799216116986333067
tpc.googlesyndication.com/simgad/ Frame 6EA6 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13799216116986333067?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAvJk36BbjDW8ep-HMcilmwTsOIQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
5f585298e5101f5d969662761ec8b6ad691d81892a40038990bda6d922f96402
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 06:37:57 GMT
x-content-type-options
nosniff
age
295983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25956
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 09:39:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 29 Oct 2022 06:37:57 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 6EA6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
cafe /
Resource Hash
9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:49:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7760
x-xss-protection
0
server
cafe
etag
2659786357195577193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 16:49:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 6EA6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:50:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 16:50:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 6EA6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
cafe /
Resource Hash
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6337
x-xss-protection
0
server
cafe
etag
7721474052657771746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 16:49:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EA6 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
d16d61e50a6c8f915deadde160aff9a3ba942fa1eb64c058eb74a646c114e749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37252
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635368421117528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Nov 2021 16:51:00 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 6EA6 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
cafe /
Resource Hash
a719efa92ba257d3044e0647257b53efc9137ae0064411d25600a66da5a54697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11311
x-xss-protection
0
server
cafe
etag
10869067349040096472
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 16:36:42 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6EA6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRCzq8xqAYeCbL9GArAS8joOIAp2wo45m4fHQ7PQO2tkeEAEgnNn4DWCVgoCAmAegAazyuL8ByAECqQLudG1ICDUNPqgDAcgDyYSAAqoEygFP0FhUs87fsr2yawZFTBQclGRdVYNCl9HEwAtBD0FSCUfV5GvswxlS3havUz6dyKFa8wBpKBM8RIJte70wqVbaovqbJPec5ms5bE-Cu6MdJXJnL-kWqwKnqC7oGWwsrmf-QV_37xFT4zwDq5n-2YFqb0RcXvQ5Kf4JTx5wpQgO5dw9rOUcJKcze-J92McP2f1-BwGd_TEFSVjg7obQ0j-HcPeSROZougi7OOBR2E58yjj3qkgtKDrRmsqF0bilRYpEVfyzrkA2yO4lwATvnMGs4gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHvI3HwAKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ5d8x0ggJCIDhgBAQARhfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTY3NzM5MjQ4OTE2MjYwNTYYAA&sigh=BLlkiyGbneQ&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 01 Nov 2021 16:51:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Nov 2021 16:51:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame FD57 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 01 Nov 2021 16:37:38 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6EA6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f73c530711792c13f180f337f32bf0158e31f2873adeebbbef5d0628547c1a17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211027&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
48dd1ef3318aec4c4c1b9de929824a7581ffd2225773f4be7bd440f758abbaef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 16:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9156
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame FD57
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 01 Nov 2021 16:51:00 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 16:51:00 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 01 Nov 2021 16:51:00 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
pagead2.googlesyndication.com/bg/ Frame CB22 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1635785459&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&flash=0&wgl=1&dt=1635785459629&bpp=1&bdt=211&idt=120&shv=r20211027&mjsv=m202110270101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=3736974965696&frm=20&pv=1&ga_vid=1146076897.1635785460&ga_sid=1635785460&ga_hid=987387776&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31063295%2C31063330%2C44748553&oid=2&pvsid=3247977884699360&pem=822&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Unun8ckh0x&p=http%3A//proxy.my-addr.com&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13525
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 11:10:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com&bust=31063330
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 01 Nov 2021 16:51:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3D18 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 01 Nov 2021 16:29:13 GMT
expires
Tue, 01 Nov 2022 16:29:13 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5533 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
46b2c713bc46c7b158e7f08f06ebc96c7a0490fc84b2af20c1b94e23dcfbd144
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D9cCT3OFbtPEAGOriAhY5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 01 Nov 2021 16:51:01 GMT
date
Mon, 01 Nov 2021 16:51:01 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-D9cCT3OFbtPEAGOriAhY5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
pagead2.googlesyndication.com/bg/ Frame 3D18 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13525
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 11:10:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5533 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211027&jk=3247977884699360&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211027&jk=3247977884699360&bg=!Q0ClQATNAAZzbWp4c207ACkAdvg8Ws9ledxspp1lgFUSvDwRT0hziJXfyOWgSyg7UrFnrVyamsPajwIAAABbUgAAAAhoAQcKAEYtbFzXEbYl7dLwnYN4ZrhWeAPyi9XRLk07-OJqFLhIOw3twKMacoCbqEIQt6xtdT11jjkvxRVU7M8-oSP2n6AvEfGMRot-mQKxfxbpywEYoONNaYEF8h9a_YIuFYQ-ohfMKje_8uprfL-9DIcp1jbR7HxcM9e5wOT5ptpruAQyTldZfUPFZhWwlUb9y20ZMBON4wMUj23omm0SQLW4BHpgfBW7YqR7hn84HIA9bvfV1VHOk1SQZiYqwgpefMYrEHHcMxSNCcavD9tn-Z9xl_Ezb5uu1OqaUePzRM2JPDXkLna_3NN1gdTqT-U2H7S7HdAgtBkl41KsDTz_6M3EsvUEOgNd-nKqXk1LJ0_yK_sOYbG7cUAqz7Eoa1rg0UaNW2MNcCDS2t6357FSrBbIpDH_4iQxKwdVEZoeY3p1arOfH5jjZ1_0RyFL-zEsWVWDWr26ZjMFCgObVR0SShnRHtefAJJX6V4HIodjV2qJNBuCTNQQCC3fdxcLHrt7lqGIX4NjBIggHMveW8-2ZpkDOCS1nkcIUNT5F-ROoEbq5lgu1dB-JcFGbZhzNd10ot6i9gYXCE3wFYOAlmJ6GJxLOcghmAGqy5ixVyLa_VLHQYjdXcw4hTzjwvPk8Wt7-pTKeREZzkt1WSCeggFzBDo4AlB8P50JNX7lnYBYztanMvfZMTOqNhm4ujjEwzN5xJ-0svWZ0CZGdqb3jXol7U02m3hpGdi3S4qndlIxsAiBqMCcf2bQWLEemb0lsd9NFXuU3QqXx06aMWiClezq4Kqcvhvg1msn7ZrlPmt4ZOyZ33M4p2AlZ_m_rBMdChBKqZE9RjbnvLSvsbdNKipqtdub5ukKgSY3qECsDs-RvGgpud-xOxQVfBGqoBUU9FXuB6sD81ZOTdUhw5Xmh5a69eO9i-UWEcMIf33H74UQbbqM7sGhiM-me21OIbzymljiafAjV7ql4JHl5ToEcZd7w4UcITHUbLNIDFK5zMDJnuZrIePcSHoMi7jlwABiVxU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 16:51:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EA6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2B95T9XCP6qW3tIgNPeHkJ5LI-35Vjo14PupyQbKGNgOt9OWtVq2zwkFJBsD9uJkHBf-hvqlc9tfFv5h-5ef3-WA9Y8rBuhiiznyzsqKc_-2EramM8g&sai=AMfl-YTbWBVv9yGRpOamwmMGnzceRcwSc5fS4sbvw-6khnY7CKJd8K3vgWx0gvl9KdpJAmTHjsnjecEWLlXt&sig=Cg0ArKJSzMT7tZ1BzDGaEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211027&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2659712286&rs=2&la=0&cr=0&vs=4&r=v&rst=1635785459757&rpt=784&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 16:51:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler boolean| ie function| init_ajax function| ajax_request function| update_useragent function| save_settings object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
proxy9747.my-addr.org/ Name: i1243
Value: 1
proxy.my-addr.com/ Name: i1243
Value: 1
proxy.my-addr.com/ Name: PHPSESSID
Value: qt6hddggtrrdc8fqlfgmm9uim4
proxy.my-addr.com/ Name: proxy_session
Value: 21110110090269
.my-addr.com/ Name: __gads
Value: ID=5a305e362f8ee532-22b87a6607cb0073:T=1635785459:RT=1635785459:S=ALNI_MYcunxOLlA6n5lU7QIa4toaTXW5Og
.doubleclick.net/ Name: IDE
Value: AHWqTUlou1EfI9_APN4gmehSEPUEZgvGC-gg_j28N0juYhjy6CHSwqc6UZpGf5yg1sI
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
proxy.my-addr.com
proxy9747.my-addr.org
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
142.250.184.194
142.250.184.226
142.250.185.162
142.250.185.193
142.250.185.226
142.250.186.36
172.217.23.98
91.197.129.74
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d3e99b9e8a549e37f73b35938d7b2ff957b5bf367a04d607902f1f068216720
29fa8bd22f9b6dc47e71c02de5dae69cad3ea00b60e712257dff52e63ae47ed8
2ba6c99545dd22a1ceac617b8abf42bd5347ea8a3c6c2baaf9e4ce98da8c2e49
40a6db698693247573884faeb582a2f0b5bf69c9994267f2e3020b3f21718055
420dc750f6d3b6eb2098b252b2d92b5707402bcceeb8580f1dedd5a21b974145
46b2c713bc46c7b158e7f08f06ebc96c7a0490fc84b2af20c1b94e23dcfbd144
48dd1ef3318aec4c4c1b9de929824a7581ffd2225773f4be7bd440f758abbaef
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4d27e49e2b5b96a2951948fc1779ab3d8fc7100f38e6456bf11159b8144d10aa
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54fa3ddf06b6cfcb3fa7b66270f15c681b6474af4b30bd9f51842278c89cc70b
5f585298e5101f5d969662761ec8b6ad691d81892a40038990bda6d922f96402
6d1a3d9d472ca7cd6a1d8f5007e663630c65721e95f9735513f77b5f5ca8834c
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
759552517bded9773d68d9718f29c21986b14ca35b1f05e923ce187c733e6730
7be7886d62ab185695ef72c620fdb233171441d85b9cbbed04f75c92f4ea9453
7fd96699e6395d34f2bf22d96512de7c00ec9a9703b152bd821a02bd8e8911b3
9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2
9d9ddc6dcc51d462a867679042fdb6298f8c3b43d83ee2ea980ae133744280f5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a719efa92ba257d3044e0647257b53efc9137ae0064411d25600a66da5a54697
b0a97fbcf8b3d0e7211e62f855f6eb8f75a8cdcdc2b0afc9ab9de40f3c77fe80
bb8f1fd9eac6417a7798877763a40fa7d08107c0a426ab68c08d098c2d05b635
c28d184e92bc7a99b9555067b726abd39dd28fa511d9eb7f0f9233e73a5b3f93
d16d61e50a6c8f915deadde160aff9a3ba942fa1eb64c058eb74a646c114e749
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74f3f876d03d649ece3a59b21b0cf03c9e2b720f9daa98771deb34bc52b07d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f73c530711792c13f180f337f32bf0158e31f2873adeebbbef5d0628547c1a17