appfelstrudel.com Open in urlscan Pro
2606:4700:3108::ac42:2912 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://appfelstrudel.com/q-oxygen-mobile-banking
Submission: On September 21 via api (September 21st 2021, 12:31:15 am UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 21 domains to perform 132 HTTP transactions. The main IP is 2606:4700:3108::ac42:2912, located in United States and belongs to CLOUDFLARENET, US. The main domain is appfelstrudel.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.

This is the only time appfelstrudel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:310... 2606:4700:3108::ac42:2912	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:6c0... 2a02:26f0:6c00:192::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:194::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 1	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
132	25

5 2606:4700:3108::ac42:2912 (United States)

ASN13335 (CLOUDFLARENET, US)

appfelstrudel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:1b8::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:192::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is5-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:194::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is3-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.21 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	558 KB
22	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	180 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	127 KB
10	cloudflare.com cdnjs.cloudflare.com	141 KB
8	mzstatic.com is4-ssl.mzstatic.com is5-ssl.mzstatic.com is3-ssl.mzstatic.com is2-ssl.mzstatic.com	657 KB
7	google.com 2 redirects adservice.google.com www.google.com	2 KB
6	googleapis.com fonts.googleapis.com	5 KB
6	googletagservices.com www.googletagservices.com	221 KB
5	appfelstrudel.com appfelstrudel.com	16 KB
3	google.de adservice.google.de	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	759 B
2	rlcdn.com 2 redirects id.rlcdn.com	881 B
2	adition.com 1 redirects ad2.adfarm1.adition.com imagesrv.adition.com	696 B
2	google-analytics.com www.google-analytics.com	20 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	460 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	quantserve.com cms.quantserve.com	462 B
1	googleadservices.com partner.googleadservices.com	661 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	jsdelivr.net cdn.jsdelivr.net	3 KB
132	21

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	appfelstrudel.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	cdnjs.cloudflare.com	appfelstrudel.com cdnjs.cloudflare.com
6	cm.g.doubleclick.net	appfelstrudel.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	appfelstrudel.com	appfelstrudel.com
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	is5-ssl.mzstatic.com	appfelstrudel.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	is4-ssl.mzstatic.com	appfelstrudel.com
2	www.google-analytics.com	appfelstrudel.com www.google-analytics.com
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	imagesrv.adition.com	googleads.g.doubleclick.net
1	ad2.adfarm1.adition.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	is2-ssl.mzstatic.com	appfelstrudel.com
1	is3-ssl.mzstatic.com	appfelstrudel.com
1	static.cloudflareinsights.com	appfelstrudel.com
1	cdn.jsdelivr.net	appfelstrudel.com
132	30

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
apps.apple.com
totalpower.nl

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-11` - `2022-08-10`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2021-06-22` - `2022-07-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://appfelstrudel.com/q-oxygen-mobile-banking
Frame ID: 6766872333A82763469C5C923C33CF62
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/zrt_lookup.html
Frame ID: 02CC193DD2D7B46892ACD92295185905
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&adk=1812271804&adf=3025194257&lmt=1632183493&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269686&bpp=3&bdt=224&idt=72&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6917528955580&frm=20&pv=2&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=87
Frame ID: 92508251A11925FCE22DC1365E685B2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94
Frame ID: 9C9857B3FC376BAC81367834FA4851AE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=25443572&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269690&bpp=1&bdt=228&idt=95&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=1896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BNph6rxXXh&p=https%3A//appfelstrudel.com&dtd=98
Frame ID: F7496151BA033B909C7E69AAC918EE25
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103
Frame ID: 6462190E682450606E39E0B4E53D0505
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=80&adk=2351984501&adf=2203902367&pi=t.aa~a.459020128~rp.4&w=736&lmt=1632183493&nsk=16ba37c4&rafmt=11&pwprc=8306480574&psa=0&ad_type=text_image&format=736x80&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184270199&bpp=2&bdt=737&idt=2&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbbc40b08f5f89d6-226a3aec3dc90048%3AT%3D1632184269%3ART%3D1632184269%3AS%3DALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ&prev_fmts=0x0%2C336x280%2C336x280%2C336x280&nras=2&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=557&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WLX7lJkuOY&p=https%3A//appfelstrudel.com&dtd=13
Frame ID: 3B162459A59ED861AF48FAA3690FDEBC
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Frame ID: F0C36C54626977492E47494F43CA3E64
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5D7ACCA950237B22348C62C75A966E0F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js
Frame ID: 95D9514EBBE894AECBC7977A21DF979D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js
Frame ID: D84BF1E0EF74869CFD2A49BDFBA2CE81
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html
Frame ID: 2400BC0D24C5080460297BB909E203D9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B8D69AD75EEF458DC95C7256C34C26D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js
Frame ID: 781EDBA6757531B9493F05CB71A674D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F5EED7A9FAEB8BF47E926FD74CB78647
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7FCD77C527D73AA87530A5289D311FD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js
Frame ID: 645D04271C170B104BDE17F4D4EF8962
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 38F5DAE2184F71EEF6A0C78F4AC9ACBD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3C5F9881428B52656C9A89E8D041B24
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top 10 Apps like Oxygen Mobile Banking in 2021 for iPhone & iPad

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css
<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

132
Requests

99 %
HTTPS

70 %
IPv6

21
Domains

30
Subdomains

25
IPs

5
Countries

1938 kB
Transfer

4096 kB
Size

19
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/oxygen-banking-modern-finance/id1486762009?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/pnc-mobile-banking/id303113127?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/lloyds-bank-mobile-banking/id469964520?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/oxygen/id700797306?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/chime-mobile-banking/id836215269?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/arvest-go-mobile-banking/id1210438422?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/halifax-mobile-banking/id486355738?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/citizens-bank-mobile-banking/id388082488?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/bcu-mobile-banking/id1133974972?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/moneylion-mobile-banking/id1064677082?uo=4&at=10lGfI
Title: Free

Search URL Search Domain Scan URL

URL: https://totalpower.nl/
Title: OEM switched mode power supplies (SMPS)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://ad2.adfarm1.adition.com/banner?sid=4593833&gdpr=&gdpr_consent=&kid=4680291&bid=14464769&wpt=C&ts=1446237049&ipt=0 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPItYqVxqkPqsS7uQqXqEG9JIslfnYnEcV4x_eL2M2P0CYftFpJenefu10B-Ifk7JJugOXKCY5YHXCRjsQ_vJkSkdntfrhM&google_gid=CAESELmkvL06xuLrpraHJz-Jz9k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVVrbnp3QUFCUnA4RjBodw&google_push=AYg5qPItYqVxqkPqsS7uQqXqEG9JIslfnYnEcV4x_eL2M2P0CYftFpJenefu10B-Ifk7JJugOXKCY5YHXCRjsQ_vJkSkdntfrhM

Request Chain 122

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIlcIRgvQhZnMgo3uu0j3GcXbDxrzWHtihEpG0_AHNpkQbhQaoHHdslcdSEZSBOnp3gErOgcnOz1SQ693L-wCrjdhrcrQ&google_gid=CAESEASxXNOLIWr6wyjyTG-9crw&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCM_PpIoGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJbGNJUmd2UWhabk1nbzN1dTBqM0djWGJEeHJ6V0h0aWhFcEcwX0FITnBrUWJoUWFvSEhkc2xjZFNFWlNCT25wM2dFck9nY25PejFTUTY5M0wtd0NyamRocmNyUQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNDkyWXI3NnljWnI0bmFTcjZGZnlRN19FU2gybWlUQlFId2tWTlpYdkp1SQ==&google_push

Request Chain 123

https://rtb.openx.net/sync/dds?google_gid=CAESED-1ZG8LJ2wo3v0r9QlrNLc&google_cver=1&google_push=AYg5qPIYd2v-O_kL_YODLp9vpgvhAWArh3bNqAJn2GHjO_m8J39Nn9khhIWWiJ_MRSvTGLoYUoyELPS1dS6Jracnu5RvAvtHfNU HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESED-1ZG8LJ2wo3v0r9QlrNLc&google_cver=1&google_push=AYg5qPIYd2v-O_kL_YODLp9vpgvhAWArh3bNqAJn2GHjO_m8J39Nn9khhIWWiJ_MRSvTGLoYUoyELPS1dS6Jracnu5RvAvtHfNU&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIYd2v-O_kL_YODLp9vpgvhAWArh3bNqAJn2GHjO_m8J39Nn9khhIWWiJ_MRSvTGLoYUoyELPS1dS6Jracnu5RvAvtHfNU&google_hm=OR8gzGMXxaEfhSRn79uLJw==

Request Chain 124

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOyL-MhW_Ueu38eweaG5GAs&google_cver=1&google_push=AYg5qPIkZUWsptljj26O8qPUSEW3Mr-pyQkrlydbfdR8kxWQNuC1h_X0NeXXV25GROyw39rxlF7VxPx_tFN26B8xNxRNWCn9LHE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOyL-MhW_Ueu38eweaG5GAs&google_cver=1&google_push=AYg5qPIkZUWsptljj26O8qPUSEW3Mr-pyQkrlydbfdR8kxWQNuC1h_X0NeXXV25GROyw39rxlF7VxPx_tFN26B8xNxRNWCn9LHE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MJch4_P5QrqafJYYdlUnjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIkZUWsptljj26O8qPUSEW3Mr-pyQkrlydbfdR8kxWQNuC1h_X0NeXXV25GROyw39rxlF7VxPx_tFN26B8xNxRNWCn9LHE

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPrA8ydraYNaYEWyJNkTeqs&google_cver=1&google_push=AYg5qPLbPwjmrgmmNVG_E_Yb6MAViHnZzuMD6db_g1zt_2b8qG6yTbXyfYnCFtuARLzc0wJ_N9zXsmbCnLufzPCr6v8bpVFd_II HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RUQ0RGUFUtMVEtSTg1MQ==&google_push=AYg5qPLbPwjmrgmmNVG_E_Yb6MAViHnZzuMD6db_g1zt_2b8qG6yTbXyfYnCFtuARLzc0wJ_N9zXsmbCnLufzPCr6v8bpVFd_II

Request Chain 126

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_cver=1&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

132 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request q-oxygen-mobile-banking Show response
appfelstrudel.com/ 47 KB
9 KB 176ms
154ms Document
text/html 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appfelstrudel.com/q-oxygen-mobile-banking
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297216266176b1027dbab947934632e03e0d3bfb25ed354892aa86f429bd0956

Request headers

:method: GET
:authority: appfelstrudel.com
:scheme: https
:path: /q-oxygen-mobile-banking
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-type: text/html
last-modified: Tue, 21 Sep 2021 00:18:13 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40fqeZeq0KvZ4zsfp8xeKlAaNoQfSHO72JVwefdbJEecPGYDvqabUdGviXTRZC8Vg5mSwkbb3810GSElqECd7DwH0eQoBXJlD%2FY0glw32O6pDo763fYEmVQ%2BhXyP7nuxPhu96uGt9IhXge6I2FrQeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 691f3062faa1637d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/css/ 2 KB
1 KB 38ms
15ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/css/normalize.min.css

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcef96bd3d8479bd51214ea2308b44862e719474c22c78361e02e6546156c96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13028381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 697
cf-request-id: 099ecf413100002bd633381000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e64-78e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rD%2FN84EndOs2cSPUWBHBku%2FyKQZW1Bh0AWdXupPacY1GCXjdVJy7wCSZ2Hb8gcCqUyzYZaMuc17j6J6GvTicr3l0QZy0R1tmMaXmMwmNy0v4FbfAuilYP9Nl4d57XTkeeGqryAJdocdlcnR4G%2FWKuCK8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a3f68f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 foundation.min.css
cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/css/ 161 KB
17 KB 44ms
21ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/css/foundation.min.css

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35376cedab550837a894b5336dc978e65c7880960efa135709a5f5c02d874077

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1049229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16611
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e64-28540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLGdAdahQ36qnC3W1gY0vX1RyS9RUWf9hrYqzZkKJgk7s3ztRvqIm58OU4D4qngITAq8ofw%2F0%2BU81Xeb5cyucv2fwVTW8ATnJVVRJZdZw87aoXT7EnZcFKPsi8rLziKC104ymxYEpOhILcmpAktFE7iO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a4068f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/ 29 KB
7 KB 38ms
16ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.css

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 682990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6421
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-75d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkFeTO6LHDEc6G4J0Xi89ALGcG3Q3dIMKONSmoGOwCQLg1vQeHkKkAgSbdLOxG2SBST0GYPcHHazfbSg9zPGcO8AsZrqIDNQ53Ct4iTz7jtr0cGfFSKxIDbm2T3o7u0xErKbRIiw7WpiVXQLRgBujHwQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a4368f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 application.css
appfelstrudel.com/static_assets/ 1 KB
880 B 21ms
19ms Stylesheet
text/css 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appfelstrudel.com/static_assets/application.css
Requested by: Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb9fe6b9f0b60051b86e2bc7e447c1accca9ed8ace53dc301dd2424445d44cc1

Request headers

:path: /static_assets/application.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: appfelstrudel.com
referer: https://appfelstrudel.com/q-oxygen-mobile-banking
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/q-oxygen-mobile-banking
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3048
cf-polished: origSize=2369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 04 May 2021 16:36:45 GMT
server: cloudflare
etag: W/"6e0848db65d996c0487beb801b474e2ba215080a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAz%2FCHXN9DskSV6hjJXUswIhoguWgednN3ox9dcE1KP50we%2FtVp%2BH4rltNwCYNrSE%2F5HVJTa0hcsl2wSYr0RutOJIkQUmuwqYVIPhNluoiNNwSTYAUpYjmMlKz7CsNHNKC1VVGlfWH4Wkkh14J%2FeEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 691f30644ab3637d-FRA
cf-bgj: minify

GET
H2 200 modernizr.js Show response
cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/js/vendor/ 11 KB
4 KB 47ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/js/vendor/modernizr.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f175ba1a86dca89a1b1c8cded4cb6d76acc15e976cba8bdc3c8c95820adf716

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13029366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4066
cf-request-id: 099ec0369800004e2c3d127000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e64-2c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2By2K%2FSrZuer1sSIWSgpuC6TFGdKskSb5Yea4O%2FAtmuAKfRhY1Y%2BsKKmObYyECax%2F337ILNxG%2BqkHKJ%2Fvx1%2BDicM4fKd5oP54NymhG4O%2FMKDwwBRUD6WE%2BVCU2OYM9OJNE6xS032ftZKqkfYrnQ%2F9SyQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a4568f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/js/vendor/ 83 KB
27 KB 46ms
24ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/js/vendor/jquery.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a931b60725e51020c4ea40d533bfc2b99e03fb490ce62ab3aa5d648e09c6f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2266040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26947
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e64-14b16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xL7ztRxF3oMxdzFZy72UgfBwjNMnnaJ1GDqRSYYT8VX3jax4N0zGOD3%2BI%2BYPEk7vq%2BgKD%2Fg1yo7uEfkwXnFZbNb7ulS0LTZB%2BTvL8UpVUL9CNoo6sXAwqASbrrUd3%2B0Ilv7QtLsKl4iPq0yFseTTDb2I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a4668f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/ 235 KB
53 KB 51ms
29ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 683022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54095
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-3ab2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nl7nX59O9kl%2F%2FcCaiPUX45AgmcXV6JMRdA98w%2FmEH%2F6XEg%2Fyn8hwi%2BS9%2F8uegHAiDXckJp5pv9qHbILK4Qz1q10RrJhJSlr2JHf5UqTdeoBm72y61qEvDJFBxGU%2F4nJN5Z2GAl24xzdA7%2BPld%2FflNiKg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a4868f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 foundation.min.js Show response
cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/js/ 107 KB
24 KB 38ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundation/5.5.3/js/foundation.min.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

297ca9748cbbe4f3c7b1b11a564ae106f95083c5d3432f0dbda973ac8c4cadca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13531293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24340
cf-request-id: 0980d56df10000d6f5d7144000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e64-1aaae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LakE9lA8loKltPyVPtJGOhePyaT2UpAX9kJLkWxXVZSO1L5StRoaZNMD2vKvXGFFmY393yGZyW71CHRPoEpOKEAqKnLyt6D0HFaPwSoj0torSbnzP0k2MIUv7%2Fi5t7NsquEAs10a%2FybmWbYgji0LjVr0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a4b68f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@8.17.0/dist/ 7 KB
3 KB 29ms
7ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@8.17.0/dist/lazyload.min.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9cecda2749deb063ccda4cb1f655f8cea6baf8140071b53ec7804314216a7170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 432176
x-jsd-version: 8.17.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2509
etag: W/"1a92-7Rr+j03c9K3z5XLn5j6z91dVdCo"
x-served-by: cache-fra19153-FRA
x-jsd-version-type: version
date: Tue, 21 Sep 2021 00:31:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 application.js Show response
appfelstrudel.com/static_assets/ 89 B
467 B 14ms
13ms Script
application/x-javascript 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appfelstrudel.com/static_assets/application.js?refresh=1
Requested by: Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494547ec811bf0d3ad83340da1aedd80e70438b60c1f0b9b645192a64ce19b39

Request headers

:path: /static_assets/application.js?refresh=1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: appfelstrudel.com
referer: https://appfelstrudel.com/q-oxygen-mobile-banking
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/q-oxygen-mobile-banking
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3048
cf-polished: origSize=113
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 04 May 2021 16:36:45 GMT
server: cloudflare
etag: W/"4aacdb64a735b4c82e36d25a58ddf8e2807f7847"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEPSpm1Fg61meZR4bG4GkhAnBxkd7Wvdt6CA5w67G5orQxM0BOlL6NcMa1AyKNG%2FWyIxfswn5IgNytFCq2cIIU0Gii57H6ZJbCh%2F4RZYjL%2FPOfeYxu2UxnrXDOI5oZ3yWcCmikVP6J1bhoBRbPwUMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=2678400
cf-ray: 691f30644ab4637d-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 89ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae08717f804c68188e492d3ade43083dd763e1bf3b575a457a3c71463e6a9865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49141
x-xss-protection: 0
server: cafe
etag: 7482758782849896606
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 00:31:09 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 35ms
14ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 684677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 948
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wid8DuQW%2B7sUrHZTPT%2FcORHqriCtrR0ZBqV%2B9Mpxswnvp9n9RmpS%2FzRJpXMXzYeGuVUQ3Hj%2FrtW8nPMDhISSAugMQVgc5c46TzMumkHO%2F%2F3fEpr%2BhJ%2FzStVzNX2RpoWgq7XTMsKh7Esi5hElSqeVZhK"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a4468f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 34ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 442917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPa94prPh%2BUFyzU7h1H9ummXTOHMrAcXI2gzXSNsfjJ3MrJqvIbMF5g3PEjnNgqSu4bYhCW7nn1Bpl0E01w60WsCyMUHCaAULaUu%2FSzRqJLR5oKJ9v%2Fn7IfzdbAjiXVPT%2F2fHTRkgIrQo9yoE3r4GvAw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30646a4968f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

GET
H2 200 download_button.svg
appfelstrudel.com/static_assets/ 12 KB
5 KB 19ms
19ms Image
image/svg+xml 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://appfelstrudel.com/static_assets/download_button.svg
Requested by: Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

:path: /static_assets/download_button.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: appfelstrudel.com
referer: https://appfelstrudel.com/q-oxygen-mobile-banking
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/q-oxygen-mobile-banking
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 16:36:45 GMT
server: cloudflare
age: 5484
etag: W/"5eb1a238a24f928783bfdf3e8b093e1b38aebe88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cveZeo3XxrV3W3UP7nzbR%2BbXPGipzU%2FFVJ2rWy5usMk7%2BSa4H6LV5JX5OhwWkevAlBhUFdrcC9cnrM9pehJIoLl8lrNKC3aGgd%2FoOCngH2mC5ofz7VSLy0wweZTXiE1FFY75lrDnyN90TOFyxbzgEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691f3064cac3637d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
appfelstrudel.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://appfelstrudel.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: appfelstrudel.com
referer: https://appfelstrudel.com/q-oxygen-mobile-banking
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/q-oxygen-mobile-banking
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Sep 2021 09:29:40 GMT
server: cloudflare
etag: W/"61446004-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UclU14u1ccBAoQkZhD%2Fi0aQtouuqO4P9SoQiLYs3gFAqq2DJ%2FrxYxiwHjOpEfDRqMXcnVTgaaPyviizzx9SIEIRjC%2FnsDW7%2B2GdKX5rVIhh32Xv8e3Yn4n6qlVOVzPNxqIcBYj4KcSPxJpWt8te9pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 691f3064babe637d-FRA
vary: Accept-Encoding
expires: Thu, 23 Sep 2021 00:31:09 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 79ms
35ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 15:43:35 GMT
server: cloudflare
etag: W/2021.8.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 691f30653b464e55-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5949
date: Mon, 20 Sep 2021 22:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 21 Sep 2021 00:52:00 GMT

GET
DATA 200
OK truncated
/ 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ui-bg_highlight-soft_100_eeeeee_1x100.png
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/images/ 125 B
487 B 18ms
17ms Image
image/png 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/images/ui-bg_highlight-soft_100_eeeeee_1x100.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

224ce4a8018b76b077702252eb5bc82676ad9a83bb52569c5e8a3c8ee302d159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5162724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 129
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfL5Y8yVcRRY626OGZSj8RuaxbRGCX2EF2dQBF2uW%2FuBtkydPsw67hxNjsCFFmrK27kPgz1tYxPbqhU2qRYOFTLDb2zKhqFhTcWtD1CJVUXLawLF4AM03YG%2B5hW3fhQ%2BwqJ5g5ElhLov0b0NZ2GHu3Mv"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691f30656ba868f8-FRA
expires: Sun, 11 Sep 2022 00:31:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=589774559&t=pageview&_s=1&dl=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&ul=en-us&de=UTF-8&dt=Top%2010%20Apps%20like%20Oxygen%20Mobile%20Banking%20in%202021%20for%20iPhone%20%26%20iPad&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1949814678&gjid=1773304444&cid=1579165863.1632184270&tid=UA-40429950-3&_gid=312608195.1632184270&_r=1&_slc=1&z=489380788

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appfelstrudel.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://appfelstrudel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 253 KB
94 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4211226737511205&plah=appfelstrudel.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95714
x-xss-protection: 0
server: cafe
etag: 3232603846146272685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 00:31:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/ Frame 02CC 10 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210916/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 21 Sep 2021 00:23:02 GMT
expires: Tue, 05 Oct 2021 00:23:02 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 487
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 512x512bb.jpg
is4-ssl.mzstatic.com/image/thumb/Purple115/v4/fb/59/f1/fb59f120-ec97-1873-0561-455cc14b7b32/source/ 15 KB
16 KB 152ms
15ms Image
image/jpeg 2a02:26f0:6c00:1b8::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple115/v4/fb/59/f1/fb59f120-ec97-1873-0561-455cc14b7b32/source/512x512bb.jpg

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1b8::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

21ff5348dd0a83e66ccf41519a807f0c2c45d01d9c0175e28fdc4de5879064c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apple-jingle-correlation-key: RWLNQGN7QPSWSME55QYRUTE5BQ
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE2LjEtMjFJLDE5RTI2NiwxNjI2MDYxMDk5NzcyLGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMjYzLG5vRWZmZWN0"
x-b3-traceid: 8d96d819bf83e569309dec311a4c9d0c
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:21HOTFIX14
x-apple-request-uuid: 8d96d819-bf83-e569-309d-ec311a4c9d0c
b3: 8d96d819bf83e569309dec311a4c9d0c-94b166a51e6b2296
content-length: 15720
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-187-61.deploy.akamaitechnologies.com (AkamaiGHost/10.5.0-35592015) (-)
apple-tk: false
last-modified: Mon, 12 Jul 2021 03:38:19 GMT
x-cache-remote: TCP_MISS from a2-20-143-111.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-seq: 0.0
date: Tue, 21 Sep 2021 00:31:09 GMT
apple-originating-system: UnknownOriginatingSystem
timing-allowed-origin: *.apple
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=8292131
x-b3-spanid: 94b166a51e6b2296
content-type: image/jpeg
cdnuuid: 843bb6b3-6499-4170-b374-ed4945f113d5-1500528900

GET
H2 200 392x696bb.jpg
is5-ssl.mzstatic.com/image/thumb/Purple124/v4/aa/91/7c/aa917c0a-7737-096c-3722-f9beddcb6e9c/pr_source.jpg/ 58 KB
59 KB 169ms
33ms Image
image/jpeg 2a02:26f0:6c00:192::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Purple124/v4/aa/91/7c/aa917c0a-7737-096c-3722-f9beddcb6e9c/pr_source.jpg/392x696bb.jpg

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:192::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

e411c3a854a411cb45294480fc14876964a40314416e9c351ac9df5c33daa134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apple-jingle-correlation-key: BRC7RBTAUGEAXAYRLVNKXJMVDU
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFKLDIwRTI0MSwxNjMxMjA5MTk1NzQxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMTk0LG5vRWZmZWN0"
x-b3-traceid: 0c45f88660a1880b83115d5aaba5951d
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:21RELEASE150:daiquiri-amp-processing-shared-int-001-mr
x-apple-request-uuid: 0c45f886-60a1-880b-8311-5d5aaba5951d
b3: 0c45f88660a1880b83115d5aaba5951d-c5aff4c30a9884d4
content-length: 59314
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-187-142.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-tk: false
last-modified: Thu, 09 Sep 2021 17:39:55 GMT
x-cache-remote: TCP_MISS from a193-108-94-169.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-seq: 0.0
date: Tue, 21 Sep 2021 00:31:09 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=15539481
x-b3-spanid: c5aff4c30a9884d4
cdnuuid: 8a773084-cca6-4f90-a956-4be7e4d9cccc-2244373436

GET
H2 200 512x512bb.jpg
is3-ssl.mzstatic.com/image/thumb/Purple124/v4/a8/21/46/a82146ee-f5de-758b-c683-cc19dc812bfa/source/ 32 KB
33 KB 149ms
13ms Image
image/jpeg 2a02:26f0:6c00:194::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Purple124/v4/a8/21/46/a82146ee-f5de-758b-c683-cc19dc812bfa/source/512x512bb.jpg

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:194::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

956ad562a40bc7eaaa3636a4d922dd5b2181f4c5d5da96d32bda586435b574d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apple-jingle-correlation-key: PFONLREBRDOSKLC22XBREOTWHM
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFKLDIwRTI0MSwxNjMxMTk1ODU5Nzg1LGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMjQ0LG5vRWZmZWN0"
x-b3-traceid: 795cd5c48188dd252c5ad5c3123a763b
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE150:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: 795cd5c4-8188-dd25-2c5a-d5c3123a763b
b3: 795cd5c48188dd252c5ad5c3123a763b-3fedd3196c252bab
content-length: 32966
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-187-23.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-tk: false
last-modified: Thu, 09 Sep 2021 13:57:39 GMT
x-cache-remote: TCP_MISS from a193-108-94-145.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-seq: 0.0
date: Tue, 21 Sep 2021 00:31:09 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=13141438
x-b3-spanid: 3fedd3196c252bab
cdnuuid: 92d4a79b-2591-403d-a1b1-0771f142a3cd-2936048890

GET
H2 200 392x696bb.png
is5-ssl.mzstatic.com/image/thumb/PurpleSource124/v4/be/bc/14/bebc148d-9da3-ca3a-af6a-5c8a11b1e7dd/7a41383e-8e81-4ee6-a9ef-c0ab3dc24e11_Accounts_iPhone_1242x2208_p.png/ 109 KB
110 KB 163ms
27ms Image
image/png 2a02:26f0:6c00:192::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/PurpleSource124/v4/be/bc/14/bebc148d-9da3-ca3a-af6a-5c8a11b1e7dd/7a41383e-8e81-4ee6-a9ef-c0ab3dc24e11_Accounts_iPhone_1242x2208_p.png/392x696bb.png

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:192::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

e1442350d14e58581d58167d4b34f431dc3d15b240e517885bb7db15b2099797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apple-jingle-correlation-key: CSWZFNOYDNAJKGZV6J6JVTSHBA
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFKLDIwRTI0MSwxNjMwOTQ4Njg3NjU4LGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMjA3LG5vRWZmZWN0"
x-b3-traceid: 14ad92b5d81b40951b35f27c9ace4708
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE140:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: 14ad92b5-d81b-4095-1b35-f27c9ace4708
b3: 14ad92b5d81b40951b35f27c9ace4708-fb1307595c9d460c
content-length: 111202
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-187-142.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-tk: false
last-modified: Mon, 06 Sep 2021 17:18:07 GMT
x-cache-remote: TCP_MISS from a193-108-94-143.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-seq: 0.0
date: Tue, 21 Sep 2021 00:31:09 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=15716314
x-b3-spanid: fb1307595c9d460c
cdnuuid: 2fdf674e-9143-4cfd-aec3-41670bb8ec44-3041618541

GET
H2 200 512x512bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple115/v4/bc/33/64/bc3364ba-eb87-5e85-e9c5-b087448692e3/source/ 26 KB
27 KB 144ms
8ms Image
image/jpeg 2a02:26f0:6c00:183::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple115/v4/bc/33/64/bc3364ba-eb87-5e85-e9c5-b087448692e3/source/512x512bb.jpg

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:183::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

a034cf9b40f8d3bcdf0277bf5c19aef2ff9810d213b65533dbe9d91f2a60ebb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apple-jingle-correlation-key: QSALLDFOZMSGADAZASUCB662IY
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFKLDIwRTI0MSwxNjMwODQyOTgxOTgwLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMDk5LG5vRWZmZWN0"
x-b3-traceid: 8480b58caecb24600c1904a820fbda46
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE140:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: 8480b58c-aecb-2460-0c19-04a820fbda46
b3: 8480b58caecb24600c1904a820fbda46-f831b4123ec5183d
content-length: 26223
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-187-7.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-tk: false
last-modified: Sun, 05 Sep 2021 11:56:21 GMT
x-cache-remote: TCP_HIT from a2-16-187-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-seq: 0.0
date: Tue, 21 Sep 2021 00:31:09 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=15105427
x-b3-spanid: f831b4123ec5183d
cdnuuid: 06e6f1b1-baa1-4502-9095-4f6c25046624-1556729565

GET
H2 200 392x696bb.png
is4-ssl.mzstatic.com/image/thumb/PurpleSource115/v4/c3/a2/e1/c3a2e1c6-b395-2e18-d7de-2668d8c75bd5/9aff6ca9-31c3-4c55-8fc3-414bbf8c3981_LLOYDS_5.5_1.png/ 153 KB
154 KB 166ms
30ms Image
image/png 2a02:26f0:6c00:1b8::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/PurpleSource115/v4/c3/a2/e1/c3a2e1c6-b395-2e18-d7de-2668d8c75bd5/9aff6ca9-31c3-4c55-8fc3-414bbf8c3981_LLOYDS_5.5_1.png/392x696bb.png

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1b8::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

18eecf90d22512cb5a360236e675da11ab6b5e376659ab82487267f53311d99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apple-jingle-correlation-key: W4GLKHQIH5GCZY5V2MRACBYS5M
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjEtMjFKLDIwRTI0MSwxNjMwMTc1OTkxNzIyLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMjMwLG5vRWZmZWN0"
x-b3-traceid: b70cb51e083f4c2ce3b5d322010712eb
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE140:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: b70cb51e-083f-4c2c-e3b5-d322010712eb
b3: b70cb51e083f4c2ce3b5d322010712eb-3333803a438c8f14
content-length: 156908
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-187-61.deploy.akamaitechnologies.com (AkamaiGHost/10.5.0-35592015) (-)
apple-tk: false
last-modified: Sat, 28 Aug 2021 18:39:51 GMT
x-cache-remote: TCP_MISS from a193-108-94-166.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-seq: 0.0
date: Tue, 21 Sep 2021 00:31:09 GMT
apple-originating-system: UnknownOriginatingSystem
timing-allowed-origin: *
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=13279144
x-b3-spanid: 3333803a438c8f14
content-type: image/png
cdnuuid: 41d41a6f-d600-420a-9e68-9a88ae8d2026-3056638641

GET
H2 200 512x512bb.jpg
is5-ssl.mzstatic.com/image/thumb/Purple114/v4/a5/62/21/a56221a9-4c4e-eb8e-4133-8e5f94883a51/source/ 21 KB
22 KB 199ms
63ms Image
image/jpeg 2a02:26f0:6c00:192::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Purple114/v4/a5/62/21/a56221a9-4c4e-eb8e-4133-8e5f94883a51/source/512x512bb.jpg

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:192::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

b490db24713ee2eb68e6fb60bea19cc70251c295cc2486688d9a7fe3a9925eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apple-jingle-correlation-key: BFS72NTDWZYBEIZLHSOM2ZYP6A
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFKLDIwRTI0MSwxNjMwNTU1NTM4MTY5LGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMTY1LG5vRWZmZWN0"
x-b3-traceid: 0965fd3663b67012232b3c9ccd670ff0
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:21RELEASE140:daiquiri-amp-processing-shared-int-001-mr
x-apple-request-uuid: 0965fd36-63b6-7012-232b-3c9ccd670ff0
b3: 0965fd3663b67012232b3c9ccd670ff0-75b4ce8439799ed9
content-length: 21596
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-187-142.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-tk: false
last-modified: Thu, 02 Sep 2021 04:05:38 GMT
x-cache-remote: TCP_MISS from a193-108-94-147.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-seq: 0.0
date: Tue, 21 Sep 2021 00:31:09 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=13869894
x-b3-spanid: 75b4ce8439799ed9
cdnuuid: c23c5027-65d1-41d6-8adb-498dd3e3a3cf-3612925354

GET
H2 200 392x696bb.png
is5-ssl.mzstatic.com/image/thumb/Purple123/v4/6d/4d/36/6d4d36f2-86e1-62ac-a7a7-0ef0a2deb30d/pr_source.png/ 234 KB
236 KB 1055ms
919ms Image
image/png 2a02:26f0:6c00:192::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Purple123/v4/6d/4d/36/6d4d36f2-86e1-62ac-a7a7-0ef0a2deb30d/pr_source.png/392x696bb.png

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:192::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

45a554bfd9def9b99b9d0355226ad08577014af3a2db1c8aeedcfb4fde879d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-apple-jingle-correlation-key: GZU2BTDRJFTVXIW243HXMNPIVU
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjMtMjFKLDIwRTI0MSwxNjMyMTg0MjcwNjMwLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTk2LG5vRWZmZWN0"
x-b3-traceid: 3669a0cc7149675ba2dae6cf7635e8ad
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE150:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: 3669a0cc-7149-675b-a2da-e6cf7635e8ad
b3: 3669a0cc7149675ba2dae6cf7635e8ad-c00a54b817df70e6
content-length: 239967
server: ATS/9.0.3
x-cache: TCP_MISS from a2-16-187-142.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-tk: false
last-modified: Tue, 21 Sep 2021 00:31:10 GMT
x-cache-remote: TCP_MISS from a193-108-94-163.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
apple-seq: 0.0
date: Tue, 21 Sep 2021 00:31:10 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=15871450
x-b3-spanid: c00a54b817df70e6
cdnuuid: 491b4fc0-0d83-4634-834f-1f9e226f880c-1330315929

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
461 B 46ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-40429950-3&cid=1579165863.1632184270&jid=1949814678&gjid=1773304444&_gid=312608195.1632184270&_u=IEBAAEAAAAAAAC~&z=1592984454

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appfelstrudel.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Sep 2021 00:31:09 GMT
content-type: text/plain
access-control-allow-origin: https://appfelstrudel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
661 B 66ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=appfelstrudel.com&callback=_gfp_s_&client=ca-pub-4211226737511205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4211226737511205&plah=appfelstrudel.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ee36e8cf331eb906a190347b577f747468c5379da618c86eb6eb4adc053c4e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 68ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=appfelstrudel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=appfelstrudel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9250 151 KB
39 KB 390ms
389ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&adk=1812271804&adf=3025194257&lmt=1632183493&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269686&bpp=3&bdt=224&idt=72&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6917528955580&frm=20&pv=2&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=87

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

696dd29e81070f430ed09c10c95bc0d5f350ececa5b8406b2f20501f9ba3644d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4211226737511205&output=html&adk=1812271804&adf=3025194257&lmt=1632183493&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269686&bpp=3&bdt=224&idt=72&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6917528955580&frm=20&pv=2&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=87
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 21 Sep 2021 00:31:10 GMT
server: cafe
content-length: 40164
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 00:46:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 00:31:10 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 69ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632137829538267"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 00:31:09 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C98 102 KB
36 KB 560ms
560ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a969d3965e81d489e09393d7bb696e5bb9d4cca260d8d7d24d22c8c8af9ca5c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKyC8JzojvMCFTzJuwgd6JkNwg&gqi=zSdJYb6oMKbd7_UP5cC5yA0&layout=/sadbundle/%24csp%253Der3%24/6212998800990712918/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKyC8JzojvMCFTzJuwgd6JkNwg&gqi=zSdJYb6oMKbd7_UP5cC5yA0&layout=/sadbundle/%24csp%253Der3%24/6212998800990712918/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 21 Sep 2021 00:31:10 GMT
server: cafe
content-length: 36276
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 00:46:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 00:31:10 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F749 77 KB
26 KB 482ms
482ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=25443572&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269690&bpp=1&bdt=228&idt=95&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=1896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BNph6rxXXh&p=https%3A//appfelstrudel.com&dtd=98

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d514b0fcbfc6725ee9f2d3c3602d6a40c3d6118b353879a995b763f29040d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=25443572&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269690&bpp=1&bdt=228&idt=95&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=1896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BNph6rxXXh&p=https%3A//appfelstrudel.com&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 21 Sep 2021 00:31:10 GMT
server: cafe
content-length: 26510
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 00:46:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 00:31:10 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6462 80 KB
27 KB 546ms
546ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d36539cdb0c01e1ba01087ee31f0cd7990e555ad7ef41cf860ff9f94d2b46ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 21 Sep 2021 00:31:10 GMT
server: cafe
content-length: 27095
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 00:46:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 00:31:10 GMT
cache-control: private

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 145 KB
52 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

932a40f7e0e24b57ef30c8e78b9cbbea778e8798f5b6d5bf3506d8b4077710ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53055
x-xss-protection: 0
server: cafe
etag: 9763269731983557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=appfelstrudel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=appfelstrudel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B16 110 KB
39 KB 597ms
596ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=80&adk=2351984501&adf=2203902367&pi=t.aa~a.459020128~rp.4&w=736&lmt=1632183493&nsk=16ba37c4&rafmt=11&pwprc=8306480574&psa=0&ad_type=text_image&format=736x80&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184270199&bpp=2&bdt=737&idt=2&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbbc40b08f5f89d6-226a3aec3dc90048%3AT%3D1632184269%3ART%3D1632184269%3AS%3DALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ&prev_fmts=0x0%2C336x280%2C336x280%2C336x280&nras=2&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=557&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WLX7lJkuOY&p=https%3A//appfelstrudel.com&dtd=13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570bd2850b2474f190c61445ce44d5383d5a95b00baf68dd2c1b0ff0bd7db72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4211226737511205&output=html&h=80&adk=2351984501&adf=2203902367&pi=t.aa~a.459020128~rp.4&w=736&lmt=1632183493&nsk=16ba37c4&rafmt=11&pwprc=8306480574&psa=0&ad_type=text_image&format=736x80&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184270199&bpp=2&bdt=737&idt=2&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbbc40b08f5f89d6-226a3aec3dc90048%3AT%3D1632184269%3ART%3D1632184269%3AS%3DALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ&prev_fmts=0x0%2C336x280%2C336x280%2C336x280&nras=2&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=557&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WLX7lJkuOY&p=https%3A//appfelstrudel.com&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 21 Sep 2021 00:31:10 GMT
server: cafe
content-length: 39999
x-xss-protection: 0
set-cookie: IDE=AHWqTUnl7RKYX06fLNMdGFGq4osNrJbJSxOd4u0nFJjzULnCCaOWWpGbHMwU_Eta2M8; expires=Sun, 16-Oct-2022 00:31:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 00:31:10 GMT
cache-control: private

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=appfelstrudel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=appfelstrudel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/ Frame F0C3 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 20 Sep 2021 01:04:49 GMT
expires: Mon, 04 Oct 2021 01:04:49 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 84381
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame F0C3 4 KB
706 B 44ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 22:59:42 GMT
server: ESF
date: Tue, 21 Sep 2021 00:31:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F0C3 205 B
764 B 33ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 13:54:50 GMT
x-content-type-options: nosniff
age: 38180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Sep 2022 13:54:50 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F0C3 604 B
695 B 33ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 19:55:10 GMT
x-content-type-options: nosniff
age: 102960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 19 Sep 2022 19:55:10 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/ Frame F0C3 17 KB
8 KB 62ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7680
x-xss-protection: 0
server: cafe
etag: 7151105853351230339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 21:29:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F749 4 KB
1 KB 24ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=25443572&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269690&bpp=1&bdt=228&idt=95&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=1896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BNph6rxXXh&p=https%3A//appfelstrudel.com&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:00:15 GMT
server: ESF
date: Tue, 21 Sep 2021 00:31:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame F749 1 KB
959 B 44ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 00:05:41 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame F749 18 KB
8 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 00:28:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame F749 3 KB
1 KB 39ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:59:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame F749 14 KB
6 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:36:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F749 128 KB
39 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1632137836110461"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame F749 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 09:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 04:03:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 18 Dec 2021 09:35:53 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14064462811705544626/ Frame F749 16 KB
16 KB 36ms
13ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14064462811705544626/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2551f46b04d62731402c1bec6a496a3b3fd6412ebad33d6b51a284b29dbe1d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:16:30 GMT
x-content-type-options: nosniff
age: 317680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16303
x-xss-protection: 0
last-modified: Wed, 23 Jan 2019 22:50:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 08:16:30 GMT

GET
DATA 200
OK truncated
/ Frame F749 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F749 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb8u-zSdJYa6hMebC7_UPwOSJ8A6MqovoYtKQmej5CI3Gpsj9ERABILW4zANglZr7gZQHoAHdzLjvA8gBCakCGEMp1birsz6oAwHIA8sEqgTQAU_Q-X_PQBCkv2SwxtNgfoLiAc9ATd_h2gMgUJXlHqPh-CH89GqDxwPzoDN0xPMn2iGIw4q2ERlG8SpCOkdaO8G901eGBtBV8g0BZoyuTy9GL5XB17T4okKWohR8v4WD7BlL2ZqL36X1y7H4ancRVORj_ASwxs0EB4iMtciDXNp6MK7yXmh52H-DSzE4kmZn8bTnSclPej93ft9bgRF6Z0155hMJACjubs88-c4ui8BoC9lGriJBTTyD9g1HA_W1h8S4BELN_fPRxXt6zDKfROvABMyr34n7AZIFBAgEGAGSBQQIBRgEoAYugAeLs8cQqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDxgEjSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQB0BUBgBcBshccChoIABIUcHViLTQyMTEyMjY3Mzc1MTEyMDUYAA&sigh=aH0XZwdq5C8&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=25443572&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269690&bpp=1&bdt=228&idt=95&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=1896&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BNph6rxXXh&p=https%3A//appfelstrudel.com&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 21 Sep 2021 00:31:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5D7A 3 KB
651 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 22:54:02 GMT
server: ESF
date: Tue, 21 Sep 2021 00:31:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 5D7A 1 KB
913 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 00:05:41 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame 5D7A 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 00:28:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 5D7A 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:59:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D7A 128 KB
39 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1632137836110461"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 5D7A 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:36:41 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 5D7A 26 KB
11 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 09:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 04:03:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 18 Dec 2021 09:35:53 GMT

GET
DATA 200
OK truncated
/ Frame F749 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90b05ecfde2f8863e77b30a650d2089b157a573ba0e0a132f5402b14a2972e58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F749 16 KB
16 KB 32ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:19:08 GMT
x-content-type-options: nosniff
age: 303122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Sep 2022 12:19:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F749 15 KB
15 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options: nosniff
age: 592072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:03:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6462 6 KB
742 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 00:18:00 GMT
server: ESF
date: Tue, 21 Sep 2021 00:31:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 6462 1 KB
913 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 00:05:41 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame 6462 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 00:28:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 6462 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:59:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6462 128 KB
39 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1632137836110461"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 6462 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:36:41 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 6462 26 KB
11 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 09:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 04:03:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 18 Dec 2021 09:35:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame 9C98 18 KB
8 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 00:28:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 9C98 3 KB
1 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:59:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C98 128 KB
39 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1632137836110461"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 9C98 14 KB
6 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:36:41 GMT

GET
H2 200 gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js Show response
pagead2.googlesyndication.com/bg/ Frame 95D9 34 KB
13 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82efb1d8c77c0c077e627f84d195620909b79a42f86b8dbc6bca4e2ca98d9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 20:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13143
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 20:22:16 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/10663426639542154957/ Frame 6462 43 KB
43 KB 14ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10663426639542154957/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92efabf91f5647021d76da600b298c6858b5fadf30926ae3f5a59d291dadbc62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:15:56 GMT
x-content-type-options: nosniff
age: 450914
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43883
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 16:35:02 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:15:56 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5563666098633974283/ Frame 6462 3 KB
3 KB 14ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5563666098633974283/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

711666f2a16ff3ab94d415f9a1de7b0119d4927ab6a9cb7fdc2860692c2d0a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:06:23 GMT
x-content-type-options: nosniff
age: 451487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3432
x-xss-protection: 0
last-modified: Wed, 14 Nov 2018 09:13:50 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:06:23 GMT

GET
DATA 200
OK truncated
/ Frame 6462 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js Show response
pagead2.googlesyndication.com/bg/ Frame D84B 34 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82efb1d8c77c0c077e627f84d195620909b79a42f86b8dbc6bca4e2ca98d9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 20:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13143
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 20:22:16 GMT

GET
H2

200

1x1.gif Show response
imagesrv.adition.com/ Frame 6462
Redirect Chain

https://ad2.adfarm1.adition.com/banner?sid=4593833&gdpr=&gdpr_consent=&kid=4680291&bid=14464769&wpt=C&ts=1446237049&ipt=0
https://imagesrv.adition.com/1x1.gif

68 B
178 B

63ms
17ms

Fetch
image/gif

217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Sep 2021 00:31:10 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 02:31:10 +0200
server: ADITIONSERVER v1.0
etag: 7010178060696290519
location: https://imagesrv.adition.com/1x1.gif
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/plain
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6462 0
0 20ms
20ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtKd-zSdJYYfGMcrK7_UPpfS_qA-_jNmEZev2sdGqDoCojOiQDhABILW4zANglZr7gZQHoAH9356dA8gBCakCqJ7CtRWusz6oAwHIA8sEqgTUAU_Qi3UN6567cm2c3xxS-uQSqOPhlpmBDg_TEyoWyi5EC9-bZWpMNzoR0hldQxhRI717vmp9tnamRDEd5RZA0saUP8RL97C13he60v5RRhYeyO0dbvX52rsWEit8mY_6Zi_AVtmHS6itQ8X6xb7_A8ZgaNjwJbnpGOJw9UJchRnHxVsUgCoH4VytXrlEfRYRPEq3N6KH0xx_dRT1G84grWbRPCRkqEPIQlEnddErCX6ITe6kU_923ll-M7sNxg7B6L6N20I5RNRgco_cb4MK9FFffjVMwASvs6zm1QOSBQQIBBgBkgUECAUYBKAGLoAH65_hYqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ2a5D0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTQyMTEyMjY3Mzc1MTEyMDUYAA&sigh=0HvETAMONgY&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 21 Sep 2021 00:31:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/ Frame 2400 2 KB
2 KB 9ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ef5da18f8b87352f7274273f3a801336d73b18dd24bff1a4633fabe73bcb363

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6212998800990712918/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 782
date: Thu, 16 Sep 2021 22:49:18 GMT
expires: Fri, 16 Sep 2022 22:49:18 GMT
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 351712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C98 0
0 19ms
19ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5fXwzSdJYeznMLyS7_UP6LO2kAzZ36nTZKrfoPfWDfvIk-qPJxABILW4zANglZr7gZQHoAGunsy7AsgBCakCqJ7CtRWusz6oAwHIA0iqBNQBT9DezU8r7oBQ8NrAz1ynU61ca-7UrNPAVh7GD1QN07vSzpjHHIH-KYGgApbe9E38wri_RY1EeUE7uoQumiysWiBj5_Rxv4HkcSIE1IJjusp8xOT60EKwy99Ou9EmyrCztBONfhqaCV1M-3l9C4-GrXF-M-PiPzapnVrQBTw2GPzCN5rUJgVWOvkg6c3lOgLRVEWQ2ZzwjwMsZvuLVGrEMA5lElXKnuHJgQBw-cQzxyp62O3_f80SYKtwUzJsAaXGl33EALzyXSDAXU-Ual_uJ6kU7lPABJSMqaS6A5IFBAgEGAGSBQQIBRgEoAYugAeshtWDAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwUQmq_0AdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi00MjExMjI2NzM3NTExMjA1GAA&sigh=0g9qsj70wO4&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 21 Sep 2021 00:31:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B8D 143 B
226 B 8ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmMYWf5SamIGIB2s3C4u5zCZj3x2MI-eju0Wg347KapHCrWbOZ-lD8SQ77SJrU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 21 Sep 2021 00:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6462 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87d88e2225296a06d6f124d44b603c95ff8fa61f7200184afd77fe27b5218d30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6462 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options: nosniff
age: 592072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:03:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6462 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options: nosniff
age: 456094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 17:49:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6462 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 03:59:10 GMT
x-content-type-options: nosniff
age: 592320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 03:59:10 GMT

GET
DATA 200
OK truncated
/ Frame 9C98 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47020d1d595b2cfe3b49bd41d0b6bd1c01d63b181a57298fafd1128738aafe6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2400 9 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 09:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 21 Sep 2021 09:22:53 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2400 26 KB
10 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 21 Sep 2021 23:30:30 GMT

GET
H2 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/ Frame 2400 6 KB
2 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

460243b37dc54425f7104fa2a1dd78712437bd85d61a0d10fdbc60cd77732ccc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 313680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Fri, 17 Sep 2021 09:23:10 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Sep 2022 09:23:10 GMT

GET
H2 200 script.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/js/ Frame 2400 3 KB
710 B 12ms
12ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/js/script.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecdc50d52c709dcee691a38026d3fd60a962e65db82c697ebdc2d0e23bff66fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 215428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 594
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Sat, 18 Sep 2021 12:40:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Sep 2022 12:40:42 GMT

GET
H2 200 gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js Show response
pagead2.googlesyndication.com/bg/ Frame 781E 34 KB
13 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=1040374482&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269691&bpp=1&bdt=229&idt=99&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=wmBaJfeDEC&p=https%3A//appfelstrudel.com&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82efb1d8c77c0c077e627f84d195620909b79a42f86b8dbc6bca4e2ca98d9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 20:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13143
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 20:22:16 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B8D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

15ms
15ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=280&slotname=4289387203&adk=2125351545&adf=3935758654&pi=t.ma~as.4289387203&w=336&lmt=1632183493&psa=0&format=336x280&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184269689&bpp=1&bdt=227&idt=89&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=757&ady=765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GkrlxWd1dx&p=https%3A//appfelstrudel.com&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmMYWf5SamIGIB2s3C4u5zCZj3x2MI-eju0Wg347KapHCrWbOZ-lD8SQ77SJrU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 21 Sep 2021 00:31:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 21-Sep-2021 01:31:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 00:31:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 21 Sep 2021 00:31:10 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bg_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/ Frame 2400 43 KB
43 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/bg_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ceef19064096edd59fb59d5aba5f6a5a990cf44e47d61ac0e0ed0979cca361

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 48741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44332
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Mon, 20 Sep 2021 10:58:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 10:58:49 GMT

GET
H2 200 bg_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/ Frame 2400 22 KB
22 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/bg_2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1004a7c69c7fd163736704cf3cdb7828f96b8c430b79935e4ad6992cbb33f2ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 487696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22553
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Wed, 15 Sep 2021 09:02:54 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Sep 2022 09:02:54 GMT

GET
H2 200 banner.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/ Frame 2400 18 KB
18 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/banner.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e84c34cc73de54bd74686dda62e36941bd93aec206c032cce3b0b5f23a881e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 487433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18629
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Wed, 15 Sep 2021 09:07:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Sep 2022 09:07:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3B16 8 KB
785 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,900&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=80&adk=2351984501&adf=2203902367&pi=t.aa~a.459020128~rp.4&w=736&lmt=1632183493&nsk=16ba37c4&rafmt=11&pwprc=8306480574&psa=0&ad_type=text_image&format=736x80&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184270199&bpp=2&bdt=737&idt=2&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbbc40b08f5f89d6-226a3aec3dc90048%3AT%3D1632184269%3ART%3D1632184269%3AS%3DALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ&prev_fmts=0x0%2C336x280%2C336x280%2C336x280&nras=2&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=557&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WLX7lJkuOY&p=https%3A//appfelstrudel.com&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa88c6a2abd808332a60897aeb2ec4884865ed6a342e4be666e57dc2b59956e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 00:31:10 GMT
server: ESF
date: Tue, 21 Sep 2021 00:31:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3B16 8 KB
785 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,900&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa88c6a2abd808332a60897aeb2ec4884865ed6a342e4be666e57dc2b59956e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 00:09:42 GMT
server: ESF
date: Tue, 21 Sep 2021 00:31:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 3B16 31 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

543d3aa6f9d00774375f06de1dee80908f94406f477816401d2e6fe34ac59363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12807
x-xss-protection: 0
server: cafe
etag: 17733861514253737229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 21:18:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame 3B16 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 00:28:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 3B16 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:59:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B16 128 KB
39 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1632137836110461"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 00:31:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 3B16 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 23:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 23:36:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3B16 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRH9KZph4pGWBJmtUrpsS-XOsT7rO4dVSen0SRzmayctotq9mHNE6UieKMfq1YplY2XCd0ZAtCi-jQfUlRBvRMviz9TmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=80&adk=2351984501&adf=2203902367&pi=t.aa~a.459020128~rp.4&w=736&lmt=1632183493&nsk=16ba37c4&rafmt=11&pwprc=8306480574&psa=0&ad_type=text_image&format=736x80&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184270199&bpp=2&bdt=737&idt=2&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbbc40b08f5f89d6-226a3aec3dc90048%3AT%3D1632184269%3ART%3D1632184269%3AS%3DALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ&prev_fmts=0x0%2C336x280%2C336x280%2C336x280&nras=2&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=557&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WLX7lJkuOY&p=https%3A//appfelstrudel.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2400 34 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82efb1d8c77c0c077e627f84d195620909b79a42f86b8dbc6bca4e2ca98d9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 20:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13143
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 20:22:16 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11222530003037720311/ Frame 3B16 2 KB
2 KB 36ms
34ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11222530003037720311/downsize_200k_v1?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYINRA1GAEgAS0AAAA_MDU4NUUAAIA_&rs=AOga4qkJZLESL00gFOBiVRsYa0MyRQWjuw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adf194fdb1bbc642ca4af2994e2efe3a9257bb329a4988dfb47aa8392cfb1474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:10 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1662
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 10:07:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Sep 2022 00:31:10 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3B16 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COX5hzidJYfaFDsWT7_UP_dKKsAurpNSeZa69-sOODsbvv-J4EAEgtbjMA2CVmvuBlAegAefL3LEByAEGqAMByAPLBKoE0AFP0Lv-AiH_9WoAS_v-2T05X_FB1dg3WAxrOMO1gLbrQWpVb2CfQJH0xS-ubjH27A0pUEpfJeMLRHEafCgtP_5cYaYWpDR9VGcAXz8TKW9p_SxBslJTsU46whk7WhPyjWhoTy5G56cmTYThHRBuMPYZSzPK-WcjulnjEx-ihh6PURPV8tR8JO5kNJaYRhmu1agbKKjayIYfXCcUtsd3V-ZScsE1YwZteLR_p2-xgUS9i4WNxjTDF-QPDC5obFHk34xYAxiL1a3Qd_O9yIAKGUN_wASX76vC1gOSBQQIBBgBkgUECAUYBKAGN4AHgbSjzgKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEKuZKtIICQiA4YAQEAEYH4AKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi00MjExMjI2NzM3NTExMjA1GAA&sigh=1k9I1uW-VgE&template_id=492

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=80&adk=2351984501&adf=2203902367&pi=t.aa~a.459020128~rp.4&w=736&lmt=1632183493&nsk=16ba37c4&rafmt=11&pwprc=8306480574&psa=0&ad_type=text_image&format=736x80&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184270199&bpp=2&bdt=737&idt=2&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbbc40b08f5f89d6-226a3aec3dc90048%3AT%3D1632184269%3ART%3D1632184269%3AS%3DALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ&prev_fmts=0x0%2C336x280%2C336x280%2C336x280&nras=2&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=557&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WLX7lJkuOY&p=https%3A//appfelstrudel.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 21 Sep 2021 00:31:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3B16 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,900&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:19:08 GMT
x-content-type-options: nosniff
age: 303122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Sep 2022 12:19:08 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F5EE 143 B
198 B 8ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=80&adk=2351984501&adf=2203902367&pi=t.aa~a.459020128~rp.4&w=736&lmt=1632183493&nsk=16ba37c4&rafmt=11&pwprc=8306480574&psa=0&ad_type=text_image&format=736x80&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184270199&bpp=2&bdt=737&idt=2&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbbc40b08f5f89d6-226a3aec3dc90048%3AT%3D1632184269%3ART%3D1632184269%3AS%3DALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ&prev_fmts=0x0%2C336x280%2C336x280%2C336x280&nras=2&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=557&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WLX7lJkuOY&p=https%3A//appfelstrudel.com&dtd=13
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUnl7RKYX06fLNMdGFGq4osNrJbJSxOd4u0nFJjzULnCCaOWWpGbHMwU_Eta2M8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4211226737511205&output=html&h=80&adk=2351984501&adf=2203902367&pi=t.aa~a.459020128~rp.4&w=736&lmt=1632183493&nsk=16ba37c4&rafmt=11&pwprc=8306480574&psa=0&ad_type=text_image&format=736x80&url=https%3A%2F%2Fappfelstrudel.com%2Fq-oxygen-mobile-banking&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632184270199&bpp=2&bdt=737&idt=2&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcbbc40b08f5f89d6-226a3aec3dc90048%3AT%3D1632184269%3ART%3D1632184269%3AS%3DALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ&prev_fmts=0x0%2C336x280%2C336x280%2C336x280&nras=2&correlator=6917528955580&frm=20&pv=1&ga_vid=1579165863.1632184270&ga_sid=1632184270&ga_hid=589774559&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=557&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526&oid=3&pvsid=2547202820234342&pem=88&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WLX7lJkuOY&p=https%3A//appfelstrudel.com&dtd=13

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 21 Sep 2021 00:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C7FC 1 KB
868 B 8ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 20 Sep 2021 08:58:57 GMT
expires: Tue, 21 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55933
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3B16 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f680cb7df92cc3a319f294bcbdf50a118fe46117a43b5b54f6b2560f9be464b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame C7FC 35 B
462 B 51ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDurzZbEfDv2dE1lMCeEC8c&google_cver=1&google_push=AYg5qPKazJ1R1347jpxivbxLDv9WNEOcbksB9hjHoNuZ3z8_qhvmg5aklBdcwOxh5vmJ8I7POgVGZgwu5c4cnGYOl66MlX2EVQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7FC
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPItYqVxqkPqsS7uQqXqEG9JIslfnYnEcV4x_eL...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVVrbnp3QUFCUnA4RjBodw&google_push=AYg5qPItYqVxqkPqsS7uQqXqEG9JIslfnYnEcV4x_eL2M2P0CYftFpJenefu10B-Ifk7JJugOXKCY5YHXCRjsQ_vJkSkdntfrhM

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVVrbnp3QUFCUnA4RjBodw&google_push=AYg5qPItYqVxqkPqsS7uQqXqEG9JIslfnYnEcV4x_eL2M2P0CYftFpJenefu10B-Ifk7JJugOXKCY5YHXCRjsQ_vJkSkdntfrhM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVVrbnp3QUFCUnA4RjBodw&google_push=AYg5qPItYqVxqkPqsS7uQqXqEG9JIslfnYnEcV4x_eL2M2P0CYftFpJenefu10B-Ifk7JJugOXKCY5YHXCRjsQ_vJkSkdntfrhM
Date: Tue, 21 Sep 2021 00:31:11 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7FC
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIlcIRgvQhZnMgo3uu0j3GcXbDxrzWHtihEpG0_AHNpkQbhQaoHHdslcdSEZSBOnp3gErOgcnOz1SQ693L-wCrjdhrcrQ&google_gid=CAESEASxXNOLIWr6wyjyTG-9crw&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCM_PpIoGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJbGNJUmd2UWhabk1nbzN1dTBqM0djWGJEeHJ6V0h0aWhFcEcwX0FITnBrUWJoUWFvSEhkc2xjZFNFWlNCT25wM2dFck9nY25PejFTUTY5M0...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNDkyWXI3NnljWnI0bmFTcjZGZnlRN19FU2gybWlUQlFId2tWTlpYdkp1SQ==&google_push

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNDkyWXI3NnljWnI0bmFTcjZGZnlRN19FU2gybWlUQlFId2tWTlpYdkp1SQ==&google_push

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Sep 2021 00:31:11 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNDkyWXI3NnljWnI0bmFTcjZGZnlRN19FU2gybWlUQlFId2tWTlpYdkp1SQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C7FC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESED-1ZG8LJ2wo3v0r9QlrNLc&google_cver=1&google_push=AYg5qPIYd2v-O_kL_YODLp9vpgvhAWArh3bNqAJn2GHjO_m8J39Nn9khhIWWiJ_MRSvTGLoYUoyELPS1dS6Jracnu5RvAvtHfNU
https://rtb.openx.net/sync/dds?google_gid=CAESED-1ZG8LJ2wo3v0r9QlrNLc&google_cver=1&google_push=AYg5qPIYd2v-O_kL_YODLp9vpgvhAWArh3bNqAJn2GHjO_m8J39Nn9khhIWWiJ_MRSvTGLoYUoyELPS1dS6Jracnu5RvAvtHfNU&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIYd2v-O_kL_YODLp9vpgvhAWArh3bNqAJn2GHjO_m8J39Nn9khhIWWiJ_MRSvTGLoYUoyELPS1dS6Jracnu5RvAvtHfNU&google_hm=OR8gzGMXxaEfhSRn79uLJw==

170 B
232 B

17ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIYd2v-O_kL_YODLp9vpgvhAWArh3bNqAJn2GHjO_m8J39Nn9khhIWWiJ_MRSvTGLoYUoyELPS1dS6Jracnu5RvAvtHfNU&google_hm=OR8gzGMXxaEfhSRn79uLJw==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIYd2v-O_kL_YODLp9vpgvhAWArh3bNqAJn2GHjO_m8J39Nn9khhIWWiJ_MRSvTGLoYUoyELPS1dS6Jracnu5RvAvtHfNU&google_hm=OR8gzGMXxaEfhSRn79uLJw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: mgih4sq7gru1vo2cid0p8ua4ujeepebl

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7FC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MJch4_P5QrqafJYYdlUnjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MJch4_P5QrqafJYYdlUnjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIkZUWsptljj26O8qPUSEW3Mr-pyQkrlydbfdR8kxWQNuC1h_X0NeXXV25GROyw39rxlF7VxPx_tFN26B8xNxRNWCn9LHE

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MJch4_P5QrqafJYYdlUnjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIkZUWsptljj26O8qPUSEW3Mr-pyQkrlydbfdR8kxWQNuC1h_X0NeXXV25GROyw39rxlF7VxPx_tFN26B8xNxRNWCn9LHE
date: Tue, 21 Sep 2021 00:31:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C7FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPrA8ydraYNaYEWyJNkTeqs&google_cver=1&google_push=AYg5qPLbPwjmrgmmNVG_E_Yb6MAViHnZzuMD6db_g1zt_2b8qG6yTbXyfYnCFtuARLzc0wJ_N9z...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RUQ0RGUFUtMVEtSTg1MQ==&google_push=AYg5qPLbPwjmrgmmNVG_E_Yb6MAViHnZzuMD6db_g1zt_2b8qG6yTbXyfYnCFtuARLzc0wJ_N9zXsmbCnLufzPCr6v8bpVFd_II

170 B
329 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RUQ0RGUFUtMVEtSTg1MQ==&google_push=AYg5qPLbPwjmrgmmNVG_E_Yb6MAViHnZzuMD6db_g1zt_2b8qG6yTbXyfYnCFtuARLzc0wJ_N9zXsmbCnLufzPCr6v8bpVFd_II

Requested by

Host: appfelstrudel.com
URL: https://appfelstrudel.com/q-oxygen-mobile-banking

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RUQ0RGUFUtMVEtSTg1MQ==&google_push=AYg5qPLbPwjmrgmmNVG_E_Yb6MAViHnZzuMD6db_g1zt_2b8qG6yTbXyfYnCFtuARLzc0wJ_N9zXsmbCnLufzPCr6v8bpVFd_II
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame C7FC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C7FC 0
253 B 75ms
15ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Il_Y9ELjJJpB_vl-qXoiUMDtwhiSYx4GPK-36_UKcj81SgSWQKxw7ovpx_pvYbflSTOmFi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F5EE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

18ms
16ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUnl7RKYX06fLNMdGFGq4osNrJbJSxOd4u0nFJjzULnCCaOWWpGbHMwU_Eta2M8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 21 Sep 2021 00:31:11 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 21-Sep-2021 01:31:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 00:31:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 21 Sep 2021 00:31:10 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js Show response
pagead2.googlesyndication.com/bg/ Frame 645D 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82efb1d8c77c0c077e627f84d195620909b79a42f86b8dbc6bca4e2ca98d9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 20:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13143
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 20:22:16 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 44ms
20ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210916&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

291a79c0e71ad6cc983df7b8851f8901ad193f0134b34403a79f73f0346269ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 00:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8463
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 21 Sep 2021 00:31:11 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 38F5 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 20 Sep 2021 23:03:58 GMT
expires: Tue, 20 Sep 2022 23:03:58 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D3C5 783 B
1 KB 18ms
18ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e55e655e2e2a20b8da520a155dbc2a9049d63232a8f579190da6c64f2f0c19a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b3F346KJs8QtTk5FNfAfiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appfelstrudel.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 21 Sep 2021 00:31:11 GMT
date: Tue, 21 Sep 2021 00:31:11 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-b3F346KJs8QtTk5FNfAfiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js Show response
pagead2.googlesyndication.com/bg/ Frame 38F5 34 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gu-x2Md8DAd-Yn-E0ZViCQm3mkL4a428a8pOLKmNnXk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82efb1d8c77c0c077e627f84d195620909b79a42f86b8dbc6bca4e2ca98d9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 20:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13143
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 20:22:16 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D3C5 0
0 18ms
18ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210916&jk=2547202820234342&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 34ms
33ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210916&jk=2547202820234342&bg=!3N-l35vNAAZWaDWkVmg7ACkAdvg8WssMrNk9aLVQHjf0s6vCpDVTfr0VCGvZd4kV0MISh7Co53WxowIAAABdUgAAAApoAQcKAD3T3_eAJddPq1CJsoNRtbiVTPe4t0uRU3SoCOK-xCen1UBbutWO1eUwNtbJAltW_vlqOOS5rZGS1Cxmyl_6mQKyiLhTitFIgxoYBkor_s0QOrbBryv8luwYLW88-kAbTnYlBew32o8DcA1FDmsBYLdFK_dQTyR51DRhijAXrEIRKCYlAZ3-0sFjK4VMKGwQxVk44S4vIPPP64-a-Gf4B2tRYXwAiWW0Pvq8qXnHaxf7ejj5m-XMR-qdYfbP1et0iL0aI4FCDZWMd5EjpbQ_KPesaw9b07qiD0QomoJNFyDV4sK9io1kax3MebavNX-OxbNqcge49FmOsPNGLMP546qjfkJm3lhMAe0gEu5CUrhWXcNDjN8u4NEF6_gWUqG3AvjFTmeCFyh3Q435iR_-weM1PPicxNCZApooqYa6Z4YonZfEg7O2FTGPLmTV7vh3QC1ounZMUeX-ZPcw0clvcMyNM0QaVcjcE00HUKF_fGh7oWxj6yIZVIXMrmvFYfj3gppebu-tKML6PEZ_awRSSTMAU-itvr6zTWemB9yxLXhrELRq0QZvihyVVUGSK1XwxuNSqwsojhLC4oEeI8WG6QRbZgWWeRT_Oliiudy3AfS8me9XIXa12EyibMPBzz0YYDd-xQv84WlKr0BmCw4JoS-b5BIqmUkaurJoc8F1n26QKP29FnYd2yRrvTdOTYfDgKKFDhTrBcAVUKhJqXMUgRdVaHxx9JFhDXU8TN2JCdzI45hlBr5sXM6RdEEqP5Oe_OcKcuqL8NUgPcjSnv6_IeTDcPnwXK5GBOj6S0aAX3U-vqsLT-uFVsNHSbr8WNyjfTUUhdjfAiXN5Ld_FDXxBpuVO3NOB2aJ3SJxvWeYPROaK9DgA8sPWSwBOHqqpvOG_kqPTsUZi7-kcdzGi0UEK1jTz96qWFIgd01Exb6xbGt5r4_5p4K86ntrTmlpP9GfTsp-3xGPNXxze6Jc5vw6Uk6U4FV-4lCplZ0n8-W73XHRtAc2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appfelstrudel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C98 42 B
174 B 18ms
18ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJprZcHsIo4R4l6BRvz4yilsqy59VCDq6Cpvoe0f9rPQlJscgwz8QzSOhohnl_kpeo3cwQFngpESPXg1ASyif4ICnzJjJmwtKJb9D-sYZzdKXdv0ayjg&sai=AMfl-YS5z8QFj6Shx8uL80w-mFL0H17VhEw3Gl0bMECPKRSpFWL5cj4Lvqxvwdg9KxlPfDN3aoLLfmPUHT3E&sig=Cg0ArKJSzLdNJhjAAyE4EAE&id=lidar2&mcvt=1001&p=792,757,1072,1093&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210920&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2125351545&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632184269784&rpt=923&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:31:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appfelstrudel.com/	1970-01-20 14:54:16	Name: _ga Value: GA1.2.1579165863.1632184270
.appfelstrudel.com/	1970-01-19 21:24:30	Name: _gid Value: GA1.2.312608195.1632184270
.appfelstrudel.com/	1970-01-19 21:23:04	Name: _gat Value: 1
.appfelstrudel.com/	1970-01-20 06:44:40	Name: __gads Value: ID=cbbc40b08f5f89d6-226a3aec3dc90048:T=1632184269:RT=1632184269:S=ALNI_MbOeMxsMKOiIYt6tFTbBn6T9kCspQ
.adfarm1.adition.com/	1970-01-19 23:32:36	Name: UserID1 Value: 7010178060696224983
.adfarm1.adition.com/	1970-01-19 21:23:06	Name: lv_4680291 Value: w=4593833\|t=1632184269
.doubleclick.net/	1970-01-19 21:23:07	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 06:44:40	Name: IDE Value: AHWqTUnl7RKYX06fLNMdGFGq4osNrJbJSxOd4u0nFJjzULnCCaOWWpGbHMwU_Eta2M8
.quantserve.com/	1970-01-19 23:32:40	Name: d Value: EBoBCQGmJIEA
.quantserve.com/	1970-01-20 06:53:18	Name: mc Value: 614927cf-024a9-fa321-d0d08
.openx.net/	1970-01-20 06:08:40	Name: i Value: 35e595a9-6316-4378-a327-a03858e58260\|1632184271
.casalemedia.com/	1970-01-20 06:08:40	Name: CMID Value: YUknz-EgHYfOEFXqHo.EuQAA
.casalemedia.com/	1970-01-19 23:32:40	Name: CMPS Value: 5238
.rlcdn.com/	1970-01-20 06:08:40	Name: rlas3 Value: 0CcJOzTySiF6guqkhpsdUk/4zkHzeSYGnsUUuBBCNBc=
.casalemedia.com/	1970-01-19 23:32:40	Name: CMPRO Value: 1120
.casalemedia.com/	1970-01-19 21:24:30	Name: CMST Value: YUknz2FJJ88A
.rlcdn.com/	1970-01-19 22:49:28	Name: pxrc Value: CM/PpIoGEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-19 21:24:30	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-19 23:32:40	Name: KADUSERCOOKIE Value: 309721E3-F3F9-42BA-9A7C-96187655278D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUknz_EgHYfOEFXqHo-EuQAABGAAAAIB&google_gid=CAESEPmpDiCs52AxWYMpqgujOYM&google_push=AYg5qPJMadHdXw30bZI2ggWDWW1IB2TEdVSZVO9__gXwNEMhKDO4UIC0IEH81b-NuCrvPSIFZ-s7xbbeq63mm-D-Swmif-qmIw&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad2.adfarm1.adition.com
adservice.google.com
adservice.google.de
appfelstrudel.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
imagesrv.adition.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
is5-ssl.mzstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
142.250.181.226
142.250.184.226
185.64.190.78
217.79.188.11
217.79.188.21
2606:4700:3108::ac42:2912
2606:4700::6810:125e
2606:4700::6810:5f41
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c0c::9d
2a02:26f0:6c00:183::2a1
2a02:26f0:6c00:192::2a1
2a02:26f0:6c00:194::2a1
2a02:26f0:6c00:1b8::2a1
2a04:4e42:400::485
35.227.252.103
35.244.174.68
52.18.11.109
69.173.144.165
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1004a7c69c7fd163736704cf3cdb7828f96b8c430b79935e4ad6992cbb33f2ac
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18eecf90d22512cb5a360236e675da11ab6b5e376659ab82487267f53311d99f
1ef5da18f8b87352f7274273f3a801336d73b18dd24bff1a4633fabe73bcb363
21ff5348dd0a83e66ccf41519a807f0c2c45d01d9c0175e28fdc4de5879064c7
224ce4a8018b76b077702252eb5bc82676ad9a83bb52569c5e8a3c8ee302d159
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
2551f46b04d62731402c1bec6a496a3b3fd6412ebad33d6b51a284b29dbe1d43
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
291a79c0e71ad6cc983df7b8851f8901ad193f0134b34403a79f73f0346269ca
297216266176b1027dbab947934632e03e0d3bfb25ed354892aa86f429bd0956
297ca9748cbbe4f3c7b1b11a564ae106f95083c5d3432f0dbda973ac8c4cadca
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35376cedab550837a894b5336dc978e65c7880960efa135709a5f5c02d874077
3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45a554bfd9def9b99b9d0355226ad08577014af3a2db1c8aeedcfb4fde879d5c
460243b37dc54425f7104fa2a1dd78712437bd85d61a0d10fdbc60cd77732ccc
47020d1d595b2cfe3b49bd41d0b6bd1c01d63b181a57298fafd1128738aafe6f
494547ec811bf0d3ad83340da1aedd80e70438b60c1f0b9b645192a64ce19b39
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e55e655e2e2a20b8da520a155dbc2a9049d63232a8f579190da6c64f2f0c19a
4f175ba1a86dca89a1b1c8cded4cb6d76acc15e976cba8bdc3c8c95820adf716
4f680cb7df92cc3a319f294bcbdf50a118fe46117a43b5b54f6b2560f9be464b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53e84c34cc73de54bd74686dda62e36941bd93aec206c032cce3b0b5f23a881e
543d3aa6f9d00774375f06de1dee80908f94406f477816401d2e6fe34ac59363
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
570bd2850b2474f190c61445ce44d5383d5a95b00baf68dd2c1b0ff0bd7db72f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
696dd29e81070f430ed09c10c95bc0d5f350ececa5b8406b2f20501f9ba3644d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
711666f2a16ff3ab94d415f9a1de7b0119d4927ab6a9cb7fdc2860692c2d0a23
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
7d514b0fcbfc6725ee9f2d3c3602d6a40c3d6118b353879a995b763f29040d7d
82efb1d8c77c0c077e627f84d195620909b79a42f86b8dbc6bca4e2ca98d9d79
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
87d88e2225296a06d6f124d44b603c95ff8fa61f7200184afd77fe27b5218d30
8a931b60725e51020c4ea40d533bfc2b99e03fb490ce62ab3aa5d648e09c6f72
8a969d3965e81d489e09393d7bb696e5bb9d4cca260d8d7d24d22c8c8af9ca5c
90b05ecfde2f8863e77b30a650d2089b157a573ba0e0a132f5402b14a2972e58
92efabf91f5647021d76da600b298c6858b5fadf30926ae3f5a59d291dadbc62
932a40f7e0e24b57ef30c8e78b9cbbea778e8798f5b6d5bf3506d8b4077710ff
956ad562a40bc7eaaa3636a4d922dd5b2181f4c5d5da96d32bda586435b574d2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cecda2749deb063ccda4cb1f655f8cea6baf8140071b53ec7804314216a7170
a034cf9b40f8d3bcdf0277bf5c19aef2ff9810d213b65533dbe9d91f2a60ebb6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9ceef19064096edd59fb59d5aba5f6a5a990cf44e47d61ac0e0ed0979cca361
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
adf194fdb1bbc642ca4af2994e2efe3a9257bb329a4988dfb47aa8392cfb1474
ae08717f804c68188e492d3ade43083dd763e1bf3b575a457a3c71463e6a9865
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b490db24713ee2eb68e6fb60bea19cc70251c295cc2486688d9a7fe3a9925eda
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9
d36539cdb0c01e1ba01087ee31f0cd7990e555ad7ef41cf860ff9f94d2b46ae9
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
e1442350d14e58581d58167d4b34f431dc3d15b240e517885bb7db15b2099797
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e411c3a854a411cb45294480fc14876964a40314416e9c351ac9df5c33daa134
eb9fe6b9f0b60051b86e2bc7e447c1accca9ed8ace53dc301dd2424445d44cc1
ecdc50d52c709dcee691a38026d3fd60a962e65db82c697ebdc2d0e23bff66fb
ee36e8cf331eb906a190347b577f747468c5379da618c86eb6eb4adc053c4e6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa88c6a2abd808332a60897aeb2ec4884865ed6a342e4be666e57dc2b59956e7
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fcef96bd3d8479bd51214ea2308b44862e719474c22c78361e02e6546156c96f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

appfelstrudel.com Open in urlscan Pro 2606:4700:3108::ac42:2912 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

99 %HTTPS

70 %IPv6

21 Domains

30 Subdomains

25 IPs

5 Countries

1938 kBTransfer

4096 kBSize

19 Cookies

12 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

appfelstrudel.com Open in urlscan Pro
2606:4700:3108::ac42:2912 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

99 %
HTTPS

70 %
IPv6

21
Domains

30
Subdomains

25
IPs

5
Countries

1938 kB
Transfer

4096 kB
Size

19
Cookies

132 HTTP transactions
7 data transactions