banks.org Open in urlscan Pro
2607:f1c0:100f:f000::253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.banks.org/
Effective URL:
https://banks.org/
Submission: On January 19 via api (January 19th 2023, 8:34:13 pm UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 24 domains to perform 123 HTTP transactions. The main IP is 2607:f1c0:100f:f000::253, located in United States and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is banks.org.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 17th 2022. Valid for: a year.

This is the only time banks.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	2607:f1c0:100... 2607:f1c0:100f:f000::253	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.29.214.155 52.29.214.155	16509 (AMAZON-02) (AMAZON-02)
6	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	63.33.255.124 63.33.255.124	16509 (AMAZON-02) (AMAZON-02)
2 2	18.158.138.18 18.158.138.18	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.87.133.65 104.87.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.176.33.61 35.176.33.61	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.19 18.66.15.19	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.95 18.66.147.95	16509 (AMAZON-02) (AMAZON-02)
4	3.11.171.0 3.11.171.0	16509 (AMAZON-02) (AMAZON-02)
1	35.190.25.25 35.190.25.25	() ()
123	25

42 2607:f1c0:100f:f000::253 (United States) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

www.banks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.214.155 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-214-155.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.255.124 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-255-124.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.138.18 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-138-18.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.87.133.65 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-65.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.176.33.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-19.vie50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-95.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.11.171.0 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.25.25 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	banks.org 1 redirects www.banks.org banks.org	823 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	285 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28836 ad4m.at — Cisco Umbrella Rank: 9591 assets.ad4m.at — Cisco Umbrella Rank: 37206	659 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	50 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	138 KB
5	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18712 api.webgains.io — Cisco Umbrella Rank: 49878	31 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 40045	7 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2206	795 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 728 s.tribalfusion.com — Cisco Umbrella Rank: 1773	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 689	2 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 82915 static-de.ad4mat.net — Cisco Umbrella Rank: 115742	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	96 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8470	957 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	mixpanel.com api-js.mixpanel.com	367 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056	15 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15193	704 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11998	555 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 554	540 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2725	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	694 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2831	18 KB
123	24

	Domain	Requested by
41	banks.org	banks.org
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	banks.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net banks.org
7	fonts.gstatic.com	fonts.googleapis.com
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	api.webgains.io	analytics.webgains.io
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	track.webgains.com	as.ad4m.at
2	x.bidswitch.net	2 redirects
2	match.360yield.com	2 redirects
2	pm.w55c.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fonts.googleapis.com	banks.org googleads.g.doubleclick.net
1	api-js.mixpanel.com	cdn.mxpnl.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	banks.org
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.mxpnl.com	banks.org
1	www.banks.org	1 redirects
123	34

This site contains no links.

Subject Issuer	Validity	Valid
*.banks.org Encryption Everywhere DV TLS CA - G1	`2022-11-17` - `2023-11-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.mixpanel.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-28` - `2023-04-28`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://banks.org/
Frame ID: EA57FD81941486D7B34A24AD7EEB2570
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html
Frame ID: D395A6C32262796017751C7579BBBA80
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&adk=1812271804&adf=3025194257&lmt=1673452314&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fbanks.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160447599&bpp=9&bdt=1121&idt=275&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5809613799869&frm=20&pv=2&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=292
Frame ID: 7135749DE7411917A07139AEF21D27A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=4144480424&adf=1612389005&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=1200x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160447608&bpp=2&bdt=1130&idt=288&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JeCJHq64uB&p=https%3A//banks.org&dtd=291
Frame ID: BDC4A9F7D5B687C0FCBBEE5EF13E5FDD
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448207&bpp=1&bdt=1729&idt=2&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ci2a6rT9go&p=https%3A//banks.org&dtd=32
Frame ID: 271A0C2756893AF8BAA1E7D113853259
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448217&bpp=1&bdt=1739&idt=1&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=urLfpZPdFa&p=https%3A//banks.org&dtd=56
Frame ID: 205B5E4D6CBE06F9ADB9F2408C6CBB7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CTCHrQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLUBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZTK4AFAJmmKcW6_uzOpx91CVzju6f3WVF8IZ6WiBkS6spu4fzf03oAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTMwMDg3NDA0ODE5NTM0OBgA&sigh=3BOtGSNNppo&uach_m=[UACH]&cid=CAQSOwDq26N9_Mum0lrvhBihq51z7n6JWMaWV0jJzpvS1LpO92Dz8yiyAyn2JVhK7tLtqx0erUx4uN98uIamGAEgEw
Frame ID: 4E5568345843D9DC183676B02C288D98
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k3cx7t185pnhn56vnpzx71tfhppczmzfwjkq3z2c7crsknscgtyszb4vb53fxx38k7yr6a4hd60dzzn11m5p0wf56fwe4dpx8r9bqmg6hwbezpr0c56rgqr9e68g30t7p7bt4ydx6s9jzhppxw828d7cexqb8pd6hp9czq65xc9gtsw184tn4nw27k8ptnepjwq9bvvd64nw62pc7kab2ee65sy27jft8f74785h93qyfzzpwbq6gjpefvq29rw0204pwqywb05z9h0hpyr9xwzpvy3wgreagqne2z6rf80wehhn0dftzn86pjpeyfsjqfpavjf13vpjdxh0bayg0hqrmbjqep70qfy4h0kc836fr8jjwnzv93bk0q1e8bk02j6kpp77n4pdybks2qy56xvagy2e92aze9rxq2zw6kqmdft5ap09vf2fhazvb83mtf1f6tnz3tg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%26client%3Dca-pub-9300874048195348%26adurl%3D
Frame ID: 04252AAE7C9431104D28541C1C80B79E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 197081FACAAE938AB9B0809E6958BCCA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 61D026E3B021BD242C35385E3B6B483C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D0135311B1780DA2BBDAF1E3AA2EBC29
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Frame ID: AD93B4C856B2203E130C5496B1E59703
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 963365B68888D6BBB23AE5A120E806B9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F11CB641061C04957F9591FF6E327A21
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banks.org

Page URL History Show full URLs

http://www.banks.org/ HTTP 302
https://banks.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

123
Requests

95 %
HTTPS

59 %
IPv6

24
Domains

34
Subdomains

25
IPs

6
Countries

2132 kB
Transfer

3760 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.banks.org/ HTTP 302
https://banks.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHaw3clFoCA8YWvyqy3Pyv8&google_cver=1&google_push=AavPq0MJZ5bpFTs2nJfZ1Jhm2fCofll4E__qMdFqI3CuIpEoiOleXdwjMWQGde2hnJ7050E9yYMho5H2l0mpfzUNENvPJJDmf2QOZA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHaw3clFoCA8YWvyqy3Pyv8&google_cver=1&google_push=AavPq0MJZ5bpFTs2nJfZ1Jhm2fCofll4E__qMdFqI3CuIpEoiOleXdwjMWQGde2hnJ7050E9yYMho5H2l0mpfzUNENvPJJDmf2QOZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WGZSTVV5TTMxUGlCQlM1&google_gid=CAESEHaw3clFoCA8YWvyqy3Pyv8&google_cver=1&google_push=AavPq0MJZ5bpFTs2nJfZ1Jhm2fCofll4E__qMdFqI3CuIpEoiOleXdwjMWQGde2hnJ7050E9yYMho5H2l0mpfzUNENvPJJDmf2QOZA

Request Chain 79

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHb8lHZ0GKt7Q1Zat564afc&google_cver=1&google_push=AavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoCQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoCQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHb8lHZ0GKt7Q1Zat564afc&google_cver=1&google_push=AavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoCQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoCQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 80

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGJpJk0yKXBaPIZXOS936gw&google_cver=1&google_push=AavPq0P4kPl6opSCuRWwQMunJadjs72fMQQ4pTKMZNZQHCsQ_4qmczyLQuQvTcTqKcch9Wufo9LM-MnGD7DSgBtSr2r2xlmkj8EFv6Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGJpJk0yKXBaPIZXOS936gw&google_push=AavPq0P4kPl6opSCuRWwQMunJadjs72fMQQ4pTKMZNZQHCsQ_4qmczyLQuQvTcTqKcch9Wufo9LM-MnGD7DSgBtSr2r2xlmkj8EFv6Y

Request Chain 81

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPVJy9G674yVuPXJ9gNoLy0&google_cver=1&google_push=AavPq0OEn79eSUaaI8mxCnFtjy9PwGlReKEdqvEfItfnbdXRIRlaO9pyuG9VcapwbKUxhxFbkoVwL23Z9OdAvmO6NJ0VX7BCa9aQdg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zBMIzHAJR9WPLAFArBvVDw2&google_push=AavPq0OEn79eSUaaI8mxCnFtjy9PwGlReKEdqvEfItfnbdXRIRlaO9pyuG9VcapwbKUxhxFbkoVwL23Z9OdAvmO6NJ0VX7BCa9aQdg

Request Chain 82

https://match.360yield.com/match/ebda?google_gid=CAESEI8_G2LjNtYfM_6s8DGAlXQ&google_cver=1&google_push=AavPq0MjD6YEOFcsBoTdEI30Rp8n3v8J9yXhj4nHyAudnBsUMZvJJ3ZEkQzuqmsiLZYCAD0RLRjewanIIPHYwzQj5hCbtqTxX01nNbw HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEI8_G2LjNtYfM_6s8DGAlXQ&google_cver=1&google_push=AavPq0MjD6YEOFcsBoTdEI30Rp8n3v8J9yXhj4nHyAudnBsUMZvJJ3ZEkQzuqmsiLZYCAD0RLRjewanIIPHYwzQj5hCbtqTxX01nNbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SyV6XnGfQxGAceDuATc73w&google_push=AavPq0MjD6YEOFcsBoTdEI30Rp8n3v8J9yXhj4nHyAudnBsUMZvJJ3ZEkQzuqmsiLZYCAD0RLRjewanIIPHYwzQj5hCbtqTxX01nNbw

Request Chain 83

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEE7jsL-lJek94uPsgX6gb_Q&google_cver=1&google_push=AavPq0OluOMqW5xj9CroGt43XgdOX2A7UqEY_aRuHF14YU4sPcVDvMStbgnxkYg7ptASZjFNv3EGhcnjKfD8T2i2rN41L89DNpfbKQai HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEE7jsL-lJek94uPsgX6gb_Q&google_cver=1&google_push=AavPq0OluOMqW5xj9CroGt43XgdOX2A7UqEY_aRuHF14YU4sPcVDvMStbgnxkYg7ptASZjFNv3EGhcnjKfD8T2i2rN41L89DNpfbKQai HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0420e65d-32c8-47a8-91f4-932021a33c66&%%GOOGLE_PUSH_PAIR%%

123 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
banks.org/
Redirect Chain

http://www.banks.org/
https://banks.org/

114 KB
20 KB

666ms
297ms

Document
text/html

2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: cbe8c763a9ec6bd3cad599d7716d01309fd0a922f3b7f52d943bcb1ecb5e27af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 20206
content-type: text/html; charset=UTF-8
date: Thu, 19 Jan 2023 20:34:06 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Wed, 11 Jan 2023 15:51:54 GMT
pragma: no-cache
server: Apache
vary: User-Agent,Accept-Encoding

Redirect headers

Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 202
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 19 Jan 2023 20:34:05 GMT
Expires: Thu, 19 Jan 2023 21:34:05 GMT
Keep-Alive: timeout=15
Location: https://banks.org/
Server: Apache

GET
H2 200 style.min.css
banks.org/wp-includes/css/dist/block-library/ 93 KB
16 KB 208ms
205ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "172a9-5f1fc37b30ef8-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 16136
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 classic-themes.min.css
banks.org/wp-includes/css/ 217 B
424 B 208ms
205ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "d9-5f1fc37b66a60-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 189
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 wpautoterms.css
banks.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
435 B 216ms
212ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:37:10 GMT
server: Apache
etag: "223-5f1fc4251d9f6-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 199
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 styles.css
banks.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 214ms
211ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:35:52 GMT
server: Apache
etag: "af3-5f1fc3db39dd0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1074
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 mashsb.min.css
banks.org/wp-content/plugins/mashsharer/assets/css/ 46 KB
29 KB 257ms
254ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.8.7
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:13 GMT
server: Apache
etag: "b6e3-5f1fc3eebf1fd-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 29666
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 wpp.css
banks.org/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
856 B 215ms
212ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:37:02 GMT
server: Apache
etag: "688-5f1fc41e0defd-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 620
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 virtue.css
banks.org/wp-content/themes/virtue/assets/css/ 199 KB
47 KB 391ms
389ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/css/virtue.css?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 44352f2782055e78f474b678b4fb93ba8f39473a3480015c4b4f5de6906d6323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "31afa-5f21bcc35983f-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 47351
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 default.css
banks.org/wp-content/themes/virtue/assets/css/skins/ 4 KB
2 KB 342ms
333ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/css/skins/default.css?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 26c0ff25452c0df38cba6be960ed2632117c62a45bbb78d84c15edd9fe09d0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "fb1-5f21bcc34cd1d-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1438
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 134ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=1672623260

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8278753710ce6e939a0c82614bbb441c5167b67f10ac6f768a84e0f910410e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 20:34:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 20:34:06 GMT

GET
H2 200 jquery.min.js Show response
banks.org/wp-includes/js/jquery/ 88 KB
36 KB 495ms
286ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:13 GMT
server: Apache
etag: "15e54-5f1fc37c2de00-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 36199
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 jquery-migrate.min.js Show response
banks.org/wp-includes/js/jquery/ 11 KB
5 KB 526ms
318ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:44:01 GMT
server: Apache
etag: "2bd8-5c8c4607b8b23-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 4563
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 regenerator-runtime.min.js Show response
banks.org/wp-includes/js/dist/vendor/ 6 KB
3 KB 704ms
159ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "194b-5f1fc37be1b34-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 2641
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 wp-polyfill.min.js Show response
banks.org/wp-includes/js/dist/vendor/ 17 KB
7 KB 536ms
321ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "459f-5f1fc37be2ad4-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 7347
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 dom-ready.min.js Show response
banks.org/wp-includes/js/dist/ 498 B
577 B 465ms
250ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "1f2-5f1fc37bec715-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 331
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 base.js Show response
banks.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 720 B
550 B 464ms
249ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.5.0
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:37:11 GMT
server: Apache
etag: "2d0-5f1fc425ee9d7-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 304
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 script.js Show response
banks.org/wp-content/plugins/shortcode-for-current-date/dist/ 1011 B
762 B 704ms
160ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/shortcode-for-current-date/dist/script.js?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 42a3e7eb21772042631226aa59844d39505b17934593db5ebf7a4f4681c36bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:28 GMT
server: Apache
etag: "3f3-5f1fc3fd72f08-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 516
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 mashsb.min.js Show response
banks.org/wp-content/plugins/mashsharer/assets/js/ 4 KB
2 KB 864ms
186ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.8.7
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 876f181150664af9e30a4c1da6f8f95eb462aebeb8781db732ff6bc48a1f6632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:13 GMT
server: Apache
etag: "114d-5f1fc3eecdc5f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1620
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 wpp.min.js Show response
banks.org/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 705ms
159ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:37:02 GMT
server: Apache
etag: "bd7-5f1fc41e14c5e-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1421
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 185ms
87ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9300874048195348

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a9179bbbf614176cd2b0cbb225f86a53b64df42a80be251f098ac7dbde69917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49834
x-xss-protection: 0
server: cafe
etag: 15209227204902638138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 20:34:07 GMT

GET
H2 200 index.js Show response
banks.org/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
4 KB 523ms
200ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:35:52 GMT
server: Apache
etag: "2945-5f1fc3db43a11-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 3348
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 index.js Show response
banks.org/wp-content/plugins/contact-form-7/includes/js/ 12 KB
5 KB 526ms
204ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:35:52 GMT
server: Apache
etag: "316c-5f1fc3db40b31-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 4580
expires: Thu, 16 Feb 2023 20:34:06 GMT

GET
H2 200 smush-lazy-load.min.js Show response
banks.org/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 823ms
207ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.4
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:34 GMT
server: Apache
etag: "1ef2-5f1fc402b1c3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 3904
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 bootstrap-min.js Show response
banks.org/wp-content/themes/virtue/assets/js/min/ 27 KB
9 KB 614ms
168ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/js/min/bootstrap-min.js?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 02320f9705025c1834687f547dc6c49d27cd68043a18936c9dac6120df5560bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "6be6-5f21bcc3970a9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 8891
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 hoverIntent.min.js Show response
banks.org/wp-includes/js/ 1 KB
967 B 618ms
172ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:13 GMT
server: Apache
etag: "5db-5f1fc37c92770-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 721
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 imagesloaded.min.js Show response
banks.org/wp-includes/js/ 5 KB
2 KB 617ms
171ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:44:01 GMT
server: Apache
etag: "15fd-5c8c4607e1b69-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 2010
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 masonry.min.js Show response
banks.org/wp-includes/js/ 24 KB
9 KB 829ms
210ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:44:01 GMT
server: Apache
etag: "5e4a-5c8c4607e2b0a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 8563
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 plugins-min.js Show response
banks.org/wp-content/themes/virtue/assets/js/min/ 69 KB
22 KB 839ms
221ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/js/min/plugins-min.js?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 881165abc0c62af9a1ace026192615efa2b487fbebdec445dda8eab2365a8de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "115b2-5f21bcc398fea-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 22703
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 magnific.js Show response
banks.org/wp-content/plugins/kadence-blocks/dist/ 20 KB
8 KB 849ms
179ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/kadence-blocks/dist/magnific.js?ver=2.4.22
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: fc7109dd6428c821842660a87bda6494e52c0f4ecad22105a1aed87e440ee0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:02 GMT
server: Apache
etag: "4f29-5f1fc3e461b3e-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 8269
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 virtue-lightbox-init-min.js Show response
banks.org/wp-content/themes/virtue/assets/js/min/ 2 KB
1011 B 657ms
160ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/js/min/virtue-lightbox-init-min.js?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 76f52951e4880eb9712c68c37f40c977ca2a42b6f3f8e58f75c7ab74fa6535f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "930-5f21bcc399f8a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 765
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 main-min.js Show response
banks.org/wp-content/themes/virtue/assets/js/min/ 5 KB
2 KB 669ms
163ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/js/min/main-min.js?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b9b653ee84e3052f0bc9096b24b78e15f3aae7bbc05561baad3b527bb5e6fcd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "1273-5f21bcc398fea-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1724
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 123ms
38ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:33:33 GMT
content-encoding: gzip
age: 34
x-guploader-uploadid: ADPycdvF6tFbiqUESBr-3D9tGmuLSFq6xCdFa7b7Yy8DqMWcAg9ahoAip7erezjgIxLI9EvLa8g-zCz0pj5N8_PJbabmjw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:43:33 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 123ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=1672623260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:14:53 GMT
x-content-type-options: nosniff
age: 544754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 13:14:53 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 181ms
96ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 17:08:09 GMT
x-content-type-options: nosniff
age: 185158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 157ms
77ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:59:57 GMT
x-content-type-options: nosniff
age: 556450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 09:59:57 GMT

GET
H2 200 kt-font-awesome.ttf
banks.org/wp-content/themes/virtue/assets/css/fonts/ 168 KB
168 KB 169ms
169ms Font
application/font-sfnt 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/css/fonts/kt-font-awesome.ttf?t9jwae
Requested by: Host: banks.org
URL: https://banks.org/wp-content/themes/virtue/assets/css/virtue.css?ver=3.4.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 257011aeda1d6a0056a630915ca6daff92ec03dc6e45df519a89a10c894f2e14

Request headers

Referer: https://banks.org/wp-content/themes/virtue/assets/css/virtue.css?ver=3.4.5
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
accept-ranges: bytes
etag: "2a004-5f21bcc33e2ba"
content-length: 172036
content-type: application/font-sfnt

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 108ms
47ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 573878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:09:29 GMT

GET
H2 200 banks.jpg
banks.org/wp-content/uploads/2016/03/ 4 KB
4 KB 291ms
291ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/2016/03/banks.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 29d9662278ef63e7d75f26fc4f1d96b4aea1290ee2d001569dd90dab3b5a189f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Thu, 24 Mar 2016 07:00:00 GMT
server: Apache
etag: "e3d-52ec5feb0fc00"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 3645
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 1456266521056-2016-and-2017-Bank-Holiday-Schedule-846x400.jpg
banks.org/wp-content/uploads/2016/02/ 36 KB
36 KB 323ms
323ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/2016/02/1456266521056-2016-and-2017-Bank-Holiday-Schedule-846x400.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: ba78318acc6f2e7b17bf23a757d77f5406b9fea6989d0ea1b975f10692e9a567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Fri, 02 Apr 2021 17:34:58 GMT
server: Apache
etag: "902e-5bf00c458565b"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 36910
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 1708-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 45 KB
45 KB 236ms
236ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/1708-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9824f812a64d358318dcf7f4f8e3feed3c33ba63b8bd505a6bc544113c5c1f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Tue, 16 Jul 2019 07:10:45 GMT
server: Apache
etag: "b325-58dc713474740"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 45861
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 439-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 39 KB
40 KB 288ms
288ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/439-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 6c0087475dae0eb2ce22cc9ec70afdc94601e9b962dce992d6f13ff590e6f2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Thu, 19 Dec 2019 19:58:25 GMT
server: Apache
etag: "9da5-59a13fbe99a40"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 40357
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 658-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 35 KB
35 KB 263ms
262ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/658-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 5683e73002d98fa562f7b152f2d97141eeb1ebaaddfb6a56c1e34bd5e765f1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Fri, 26 Jul 2019 00:33:13 GMT
server: Apache
etag: "8cf8-58e8ab0006440"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 36088
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 1813-featured-336x159.png
banks.org/wp-content/uploads/wordpress-popular-posts/ 54 KB
54 KB 175ms
174ms Image
image/png 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/1813-featured-336x159.png
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 6712b0994a3988b3097601c4cc76815e22ad4a1ac4bb43e740cb465fab87c59d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Sat, 31 Aug 2019 16:22:21 GMT
server: Apache
etag: "d71e-5916c24a76940"
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 55070
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ 358 KB
118 KB 174ms
97ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9300874048195348&plah=banks.org&bust=31071640

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9300874048195348

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61860c2cd6191f9e682e4da20d4325bc913b166ab8af4a92d25dd6b6be552548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120547
x-xss-protection: 0
server: cafe
etag: 106258882161413137
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 20:34:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/ Frame D395 10 KB
5 KB 120ms
37ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9300874048195348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 12:16:20 GMT
etag: 10353107486223812946
expires: Thu, 02 Feb 2023 12:16:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 you-cant-deposit-excuses-846x400.jpg
banks.org/wp-content/uploads/2023/01/ 37 KB
37 KB 173ms
172ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/2023/01/you-cant-deposit-excuses-846x400.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f6e52879c56fb9b5d2d57dc7fdab0658474b04b871001a614b6aa6ec613e56a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Tue, 03 Jan 2023 00:03:45 GMT
server: Apache
etag: "946e-5f150cd2f9c7e"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 37998
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 457-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 44 KB
45 KB 170ms
169ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/457-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: cb914ca1231703352d1bf40c3eead5fcda2dabc3535bae3436a2b67bc3681f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
last-modified: Thu, 19 Dec 2019 20:32:11 GMT
server: Apache
etag: "b10a-59a1474abe8c0"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 45322
expires: Thu, 16 Feb 2023 20:34:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
694 B 127ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=banks.org&callback=_gfp_s_&client=ca-pub-9300874048195348

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9300874048195348&plah=banks.org&bust=31071640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1795ba86d406653252697d28d4ec59c6c9ac1df5c90ef5bb430536a521cb0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 228ms
75ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 149ms
48ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7135 5 KB
1 KB 287ms
286ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&adk=1812271804&adf=3025194257&lmt=1673452314&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fbanks.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160447599&bpp=9&bdt=1121&idt=275&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5809613799869&frm=20&pv=2&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=292

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0972ea5ef30fec818c79787f12e9bf2060592cd219cfe09acce2a05355a1e712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 829
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:34:08 GMT
expires: Thu, 19 Jan 2023 20:34:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BDC4 84 KB
30 KB 560ms
559ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=4144480424&adf=1612389005&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=1200x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160447608&bpp=2&bdt=1130&idt=288&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JeCJHq64uB&p=https%3A//banks.org&dtd=291

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e29346ef229c9ae46249846a845958d724dd1f7a0358bd49bcc30b4ac5c4053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30707
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:34:08 GMT
expires: Thu, 19 Jan 2023 20:34:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 620-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 41 KB
41 KB 166ms
165ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/620-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: fe882c8b5335f62577f971c21e9966c3531455194e0a5773c43ba792e6d6d2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
last-modified: Thu, 19 Dec 2019 19:54:39 GMT
server: Apache
etag: "a287-59a13ee711dc0"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 41607
expires: Thu, 16 Feb 2023 20:34:08 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ 80 KB
28 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/slotcar_library_fy2021.js?bust=31071640

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9300874048195348

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12601bd8ca240bbd8d06f7fdf1bd2ecd90c6adc647469b3b1f200d93f71be2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28171
x-xss-protection: 0
server: cafe
etag: 17401356632450603453
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 20:34:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 74ms
72ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 49ms
48ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 271A 31 KB
12 KB 420ms
419ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448207&bpp=1&bdt=1729&idt=2&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ci2a6rT9go&p=https%3A//banks.org&dtd=32

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ffa1f99d73f2a383e32fb8d4ab66da18819384dd1592a7dc7aac5504ff55fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:34:08 GMT
expires: Thu, 19 Jan 2023 20:34:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 205B 436 B
237 B 477ms
476ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448217&bpp=1&bdt=1739&idt=1&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=urLfpZPdFa&p=https%3A//banks.org&dtd=56

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72353a3e27e9dc35d21399895a9d5fc828afbe29a146a874cbfd079a57fe33b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:34:08 GMT
expires: Thu, 19 Jan 2023 20:34:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BDC4 6 KB
768 B 82ms
81ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=4144480424&adf=1612389005&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=1200x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160447608&bpp=2&bdt=1130&idt=288&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JeCJHq64uB&p=https%3A//banks.org&dtd=291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 20:01:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 20:34:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame BDC4 2 KB
846 B 206ms
67ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:12:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BDC4 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CU6nDP6nJY82eOdPVtwfw4r7IC6iS1sdulLfa1v0Q-7f0_QgQASCCn7dWYJUCoAHvnf_bKMgBCakCiyOS_LEcez6oAwHIA8sEqgTCAU_QL8g4TKWslElP-7Aa2u7WdB-wJVjh312MdoZM43TNpWccmPG8oRA1NMJ5wi4dZJFYHyGrEN27p1UnjQOJUMTVgeYQ-MZ7RlctndEL-qJ066eEk8k3qA2NDpvDy-SxifrMAfq-PiceSYOch3_HSF1T0j_jPdIltRCVTOXFywvSets3dd3dbqqccVoEU5slTa1NvnIxq0xtRQXjvjs9zLj8bp2P81S0rG-lbd9eHh2xShCnfOYgl99-OamWWXozjEnHwASHx7e1ggSSBQQIBBgBkgUECAUYBKAGLoAH0JL3uwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCS7gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItOTMwMDg3NDA0ODE5NTM0OBgA&sigh=SK-3OXX7iQc&uach_m=[UACH]&cid=CAQSGwDq26N9iWR5jy69xx1AbL8FoQnOsPamliSQ5RgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=4144480424&adf=1612389005&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=1200x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160447608&bpp=2&bdt=1130&idt=288&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JeCJHq64uB&p=https%3A//banks.org&dtd=291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 20:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 20:34:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame BDC4 22 KB
9 KB 186ms
52ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:48:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame BDC4 3 KB
1 KB 202ms
68ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:48:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame BDC4 18 KB
7 KB 193ms
59ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:12:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDC4 155 KB
48 KB 215ms
90ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:34:08 GMT

GET
H2 200 4486906364f6b2babc33c791099553dd.js Show response
www.gstatic.com/mysidia/ Frame BDC4 33 KB
14 KB 178ms
53ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4486906364f6b2babc33c791099553dd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 00:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 11:11:52 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18224968636435824136/ Frame BDC4 7 KB
7 KB 245ms
116ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18224968636435824136/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

938ab4a9e6b6f67f35d8e5cb7c8f40e3c5508bd5b1d9bfd1ad398772a77ec527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6878
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:52:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jan 2024 20:34:08 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1905649553969266738/ Frame BDC4 2 KB
2 KB 197ms
69ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1905649553969266738/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9f1b48a7a7fc03b63e7e05dbfef3284eadce7131e6af91c7f444c256593e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 09:44:25 GMT
x-content-type-options: nosniff
age: 125383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1931
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 14:45:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jan 2024 09:44:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4E55 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTCHrQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLUBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZTK4AFAJmmKcW6_uzOpx91CVzju6f3WVF8IZ6WiBkS6spu4fzf03oAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTMwMDg3NDA0ODE5NTM0OBgA&sigh=3BOtGSNNppo&uach_m=[UACH]&cid=CAQSOwDq26N9_Mum0lrvhBihq51z7n6JWMaWV0jJzpvS1LpO92Dz8yiyAyn2JVhK7tLtqx0erUx4uN98uIamGAEgEw

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448207&bpp=1&bdt=1729&idt=2&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ci2a6rT9go&p=https%3A//banks.org&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 20:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 4E55 0
0 140ms
48ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gqnf9kwvwf8dgd1nv8xprt7qjxt5220vj5yvhsbf6kmkg4n0v940s24nbz3snrmr5pd5sgk6prb8q4xf5q3pk599n0wnpfeq4t3epa8pjdcjttpqw6xsxjmd7e95617hkc5drxwgaregtf8b5ht4emsy1bfnnsvg7nemf6jc5wc40jj9edndhh67zm6etv5ynme1jx46fyhtf7c3s5x1yymqnc0mbphg9e3abjgw2e7pyvbpe3xra8350zn6c1dc9cy3rhf57rqmw0dmxa4v68cc4k27f5vbcd7k65mnqyjwsb8xg7h5spzs00vg17prsanfy6h8913z07vavmew1fvsxdshbh0d3z8t6yzr9j04pyh8f3fhqdq9jegtezkqrxz9n1gzq9s96c7&b=Y8mpQAAEPIIK7e-LAAqcaEVsH3knB6AJY4M02w
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Jan 2023 20:34:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 0425 2 KB
3 KB 192ms
69ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k3cx7t185pnhn56vnpzx71tfhppczmzfwjkq3z2c7crsknscgtyszb4vb53fxx38k7yr6a4hd60dzzn11m5p0wf56fwe4dpx8r9bqmg6hwbezpr0c56rgqr9e68g30t7p7bt4ydx6s9jzhppxw828d7cexqb8pd6hp9czq65xc9gtsw184tn4nw27k8ptnepjwq9bvvd64nw62pc7kab2ee65sy27jft8f74785h93qyfzzpwbq6gjpefvq29rw0204pwqywb05z9h0hpyr9xwzpvy3wgreagqne2z6rf80wehhn0dftzn86pjpeyfsjqfpavjf13vpjdxh0bayg0hqrmbjqep70qfy4h0kc836fr8jjwnzv93bk0q1e8bk02j6kpp77n4pdybks2qy56xvagy2e92aze9rxq2zw6kqmdft5ap09vf2fhazvb83mtf1f6tnz3tg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%26client%3Dca-pub-9300874048195348%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448207&bpp=1&bdt=1729&idt=2&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ci2a6rT9go&p=https%3A//banks.org&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c30be6a83a1ee1ac9923e9460116e37df69f79dea73a0fbdf2f07f957f0144c3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78c25975181f9136-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:34:08 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 4E55 3 KB
1 KB 60ms
53ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:48:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1970 1 KB
643 B 41ms
37ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 12:19:16 GMT
etag: 48472445140208031
expires: Fri, 20 Jan 2023 12:19:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 4E55 18 KB
7 KB 61ms
54ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:12:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4E55 0
0 199ms
72ms Image
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkf3a_Kl-0Xzbo1BWwxdPTfPC6aHzFMzT7bsMtOlrElGeQh5fiKGH5Ml_cggGoULfeI-KmXQtTYQtNkxHkNmh7iWa8Uw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448207&bpp=1&bdt=1729&idt=2&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ci2a6rT9go&p=https%3A//banks.org&dtd=32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E55 155 KB
47 KB 118ms
113ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:34:08 GMT

GET
DATA 200
OK truncated
/ Frame BDC4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4c64f8675a0e18052ca85079b45a8c8f1bfd6af30ed1d33f3bd9b8b11ec9d9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 1970 0
104 B 239ms
83ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFEUlBpr29hK__TazNSBvlU&google_cver=1&google_push=AavPq0NDGLWXL9Wd76ayZ_TPaAwhSlbtA6t9Bmc2gEgWBGthUTTz0zlarXz50xf3kDTX_U2m54EKUPIK60Akv0_tt9Aq0C026AqpSss
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448207&bpp=1&bdt=1729&idt=2&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ci2a6rT9go&p=https%3A//banks.org&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:08 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1970
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHaw3clFoCA8YWvyqy3Pyv8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHaw3clFoCA8YWvyqy3Pyv8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WGZSTVV5TTMxUGlCQlM1&google_gid=CAESEHaw3clFoCA8YWvyqy3Pyv8&google_cver=1&google_push=AavPq0MJZ5bpFTs2nJfZ1Jhm2fCofll4E__qMdFqI3CuIpE...

170 B
232 B

75ms
74ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WGZSTVV5TTMxUGlCQlM1&google_gid=CAESEHaw3clFoCA8YWvyqy3Pyv8&google_cver=1&google_push=AavPq0MJZ5bpFTs2nJfZ1Jhm2fCofll4E__qMdFqI3CuIpEoiOleXdwjMWQGde2hnJ7050E9yYMho5H2l0mpfzUNENvPJJDmf2QOZA

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:34:08 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0d2fbe602de210bea@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WGZSTVV5TTMxUGlCQlM1&google_gid=CAESEHaw3clFoCA8YWvyqy3Pyv8&google_cver=1&google_push=AavPq0MJZ5bpFTs2nJfZ1Jhm2fCofll4E__qMdFqI3CuIpEoiOleXdwjMWQGde2hnJ7050E9yYMho5H2l0mpfzUNENvPJJDmf2QOZA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1970
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHb8lHZ0GKt7Q1Zat564afc&google_cver=1&google_push=AavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoC...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHb8lHZ0GKt7Q1Zat564afc&google_cver=1&google_push=AavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9Zm...

43 B
449 B

237ms
236ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHb8lHZ0GKt7Q1Zat564afc&google_cver=1&google_push=AavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoCQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoCQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160448207&bpp=1&bdt=1729&idt=2&shv=r20230117&mjsv=m202301030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D618e2ee03cd23e97-227276258dda0014%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA&gpic=UID%3D00000ba5910eb61b%3AT%3D1674160447%3ART%3D1674160447%3AS%3DALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q&prev_fmts=0x0%2C1200x280&nras=3&correlator=5809613799869&frm=20&pv=1&ga_vid=1523374113.1674160448&ga_sid=1674160448&ga_hid=882837101&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31071640&oid=2&pvsid=3747011109229152&tmod=1053706737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ci2a6rT9go&p=https%3A//banks.org&dtd=32
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:09 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78c2597659fb30cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:08 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 145
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHb8lHZ0GKt7Q1Zat564afc&google_cver=1&google_push=AavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoCQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OwGM9LnnNFU7oOHs08zg7V4w8C0zWJ0_ld4mxEK71YGIg05VRFQz7lumiA379a4nRSiZv8EJoU_VNFC9SUUsFk3_ob9ZmoCQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78c259753ff530cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1970
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGJpJk0yKXBaPIZXOS936gw&google_push=AavPq0P4kPl6opSCuRWwQMunJadjs72fMQQ4pTKMZNZQHCsQ_4qmczyLQu...

170 B
188 B

75ms
75ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGJpJk0yKXBaPIZXOS936gw&google_push=AavPq0P4kPl6opSCuRWwQMunJadjs72fMQQ4pTKMZNZQHCsQ_4qmczyLQuQvTcTqKcch9Wufo9LM-MnGD7DSgBtSr2r2xlmkj8EFv6Y

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-yyz4525-YYZ
pragma: no-cache
date: Thu, 19 Jan 2023 20:34:09 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674160449.099308,VS0,VE19
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGJpJk0yKXBaPIZXOS936gw&google_push=AavPq0P4kPl6opSCuRWwQMunJadjs72fMQQ4pTKMZNZQHCsQ_4qmczyLQuQvTcTqKcch9Wufo9LM-MnGD7DSgBtSr2r2xlmkj8EFv6Y
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1970
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPVJy9G674yVuPXJ9gNoLy0&google_cver=1&google_push=AavPq0OEn79eSUaaI8mxCnFtjy9PwGlReKEdqvEfItfnbdXRIRlaO9pyuG9VcapwbKUxhxFbkoVwL23Z9OdAvmO6...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zBMIzHAJR9WPLAFArBvVDw2&google_push=AavPq0OEn79eSUaaI8mxCnFtjy9PwGlReKEdqvEfItfnbdXRIRlaO9pyuG9VcapwbKUxhxFbkoVwL23Z9OdAvmO6NJ0VX7BCa9aQdg

170 B
502 B

85ms
74ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zBMIzHAJR9WPLAFArBvVDw2&google_push=AavPq0OEn79eSUaaI8mxCnFtjy9PwGlReKEdqvEfItfnbdXRIRlaO9pyuG9VcapwbKUxhxFbkoVwL23Z9OdAvmO6NJ0VX7BCa9aQdg

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Jan 2023 20:34:08 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zBMIzHAJR9WPLAFArBvVDw2&google_push=AavPq0OEn79eSUaaI8mxCnFtjy9PwGlReKEdqvEfItfnbdXRIRlaO9pyuG9VcapwbKUxhxFbkoVwL23Z9OdAvmO6NJ0VX7BCa9aQdg
x-host: tde-deliveryengine-production-fb497649f-hx725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1970
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEI8_G2LjNtYfM_6s8DGAlXQ&google_cver=1&google_push=AavPq0MjD6YEOFcsBoTdEI30Rp8n3v8J9yXhj4nHyAudnBsUMZvJJ3ZEkQzuqmsiLZYCAD0RLRjewanIIPHYwzQj5hCbtq...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEI8_G2LjNtYfM_6s8DGAlXQ&google_cver=1&google_push=AavPq0MjD6YEOFcsBoTdEI30Rp8n3v8J9yXhj4nHyAudnBsUMZvJJ3ZEkQzuqmsiLZYCAD0RLRjewanIIPHYwzQj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SyV6XnGfQxGAceDuATc73w&google_push=AavPq0MjD6YEOFcsBoTdEI30Rp8n3v8J9yXhj4nHyAudnBsUMZvJJ3ZEkQzuqmsiLZYCAD0RLRjewanIIPHYwzQ...

170 B
232 B

75ms
74ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SyV6XnGfQxGAceDuATc73w&google_push=AavPq0MjD6YEOFcsBoTdEI30Rp8n3v8J9yXhj4nHyAudnBsUMZvJJ3ZEkQzuqmsiLZYCAD0RLRjewanIIPHYwzQj5hCbtqTxX01nNbw

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SyV6XnGfQxGAceDuATc73w&google_push=AavPq0MjD6YEOFcsBoTdEI30Rp8n3v8J9yXhj4nHyAudnBsUMZvJJ3ZEkQzuqmsiLZYCAD0RLRjewanIIPHYwzQj5hCbtqTxX01nNbw
access-control-allow-origin: *
date: Thu, 19 Jan 2023 20:34:09 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1970
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEE7jsL-lJ...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEE7...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0420e65d-32c8-47a8-91f4-932021a33c66&%%GOOGLE_PUSH_PAIR%%

170 B
232 B

75ms
75ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0420e65d-32c8-47a8-91f4-932021a33c66&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0420e65d-32c8-47a8-91f4-932021a33c66&%%GOOGLE_PUSH_PAIR%%
date: Thu, 19 Jan 2023 20:34:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1970 0
50 B 351ms
174ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdPN2B0Ynqa4h5v-6W033d4HjEiZvDheIe2WIHDmQbO-sdIrtjubVUDMgapo7fyjPdnjN6Pg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 4E55 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 539afb309c028272c6b3c0180146d95ce1bd0cc88848d4ce03255917bf297c23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BDC4 15 KB
15 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 20:22:20 GMT
x-content-type-options: nosniff
age: 519108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 20:22:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BDC4 15 KB
16 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 573879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BDC4 15 KB
15 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:14:53 GMT
x-content-type-options: nosniff
age: 544755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 13:14:53 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 0425 90 KB
11 KB 53ms
52ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3cx7t185pnhn56vnpzx71tfhppczmzfwjkq3z2c7crsknscgtyszb4vb53fxx38k7yr6a4hd60dzzn11m5p0wf56fwe4dpx8r9bqmg6hwbezpr0c56rgqr9e68g30t7p7bt4ydx6s9jzhppxw828d7cexqb8pd6hp9czq65xc9gtsw184tn4nw27k8ptnepjwq9bvvd64nw62pc7kab2ee65sy27jft8f74785h93qyfzzpwbq6gjpefvq29rw0204pwqywb05z9h0hpyr9xwzpvy3wgreagqne2z6rf80wehhn0dftzn86pjpeyfsjqfpavjf13vpjdxh0bayg0hqrmbjqep70qfy4h0kc836fr8jjwnzv93bk0q1e8bk02j6kpp77n4pdybks2qy56xvagy2e92aze9rxq2zw6kqmdft5ap09vf2fhazvb83mtf1f6tnz3tg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%26client%3Dca-pub-9300874048195348%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k3cx7t185pnhn56vnpzx71tfhppczmzfwjkq3z2c7crsknscgtyszb4vb53fxx38k7yr6a4hd60dzzn11m5p0wf56fwe4dpx8r9bqmg6hwbezpr0c56rgqr9e68g30t7p7bt4ydx6s9jzhppxw828d7cexqb8pd6hp9czq65xc9gtsw184tn4nw27k8ptnepjwq9bvvd64nw62pc7kab2ee65sy27jft8f74785h93qyfzzpwbq6gjpefvq29rw0204pwqywb05z9h0hpyr9xwzpvy3wgreagqne2z6rf80wehhn0dftzn86pjpeyfsjqfpavjf13vpjdxh0bayg0hqrmbjqep70qfy4h0kc836fr8jjwnzv93bk0q1e8bk02j6kpp77n4pdybks2qy56xvagy2e92aze9rxq2zw6kqmdft5ap09vf2fhazvb83mtf1f6tnz3tg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%26client%3Dca-pub-9300874048195348%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 105601
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTyMMj72FoPaP0hLt7%2BdtZqcFG5CvG9uclxCwCBmWiGU3t6K%2BNZwzO%2B%2FUWV2XoFnszX5bKoNcHGHrDQNxm2JwPUmqlVN3RkXPUKJ0myO9X54TL8ZvGZMXAfIEpyszcoPoAakqB3RlLc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78c2597599429136-FRA
expires: Thu, 19 Jan 2023 21:34:08 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0425 35 KB
12 KB 73ms
55ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3cx7t185pnhn56vnpzx71tfhppczmzfwjkq3z2c7crsknscgtyszb4vb53fxx38k7yr6a4hd60dzzn11m5p0wf56fwe4dpx8r9bqmg6hwbezpr0c56rgqr9e68g30t7p7bt4ydx6s9jzhppxw828d7cexqb8pd6hp9czq65xc9gtsw184tn4nw27k8ptnepjwq9bvvd64nw62pc7kab2ee65sy27jft8f74785h93qyfzzpwbq6gjpefvq29rw0204pwqywb05z9h0hpyr9xwzpvy3wgreagqne2z6rf80wehhn0dftzn86pjpeyfsjqfpavjf13vpjdxh0bayg0hqrmbjqep70qfy4h0kc836fr8jjwnzv93bk0q1e8bk02j6kpp77n4pdybks2qy56xvagy2e92aze9rxq2zw6kqmdft5ap09vf2fhazvb83mtf1f6tnz3tg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%26client%3Dca-pub-9300874048195348%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 192588
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXfuWYD6c0o3fjalviXSxMpBxUr1AzIKuFJG%2FyaUnHvMIxc09H8f87Hh5%2Fc2dAREu8p2K2FnVmj3WBiTubS9Ju93iv7%2B9Cq%2BkndZrvbeO59%2BIgLyYGtCP9aj8e6inL9fDiJSLsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78c25975b9759136-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 17 Jan 2023 15:04:20 GMT

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 61D0 36 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 06:38:07 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0425 3 KB
4 KB 148ms
56ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31064731
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4bFTPpoeD%2BqwB3c%2FIlI10PwniI4WDJ502nKmWCNMC%2FT7qQcBVH9jhdQGTG4CkE2d82eAJLdlDW8vnIRjj9%2FOGh9gwkhFIyei1pyrY1omFNo38xju27aOGJJ0oy%2BNzXLAdQ2C7oNQid%2Bv7NYNLWFbKD8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78c25976d891901f-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame D013 2 KB
1 KB 74ms
74ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1988934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78c25976580cbbc1-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 19 Jan 2023 20:34:09 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVJyowEfjciwK9gJJ8dG5lE21sDKXF9brW8rvKtN%2FwgYehBxOQ0XkMym7jLKPzTDSOQEJSu8avna9lQ3SOd0hP0KBhdmHDK7ENqY9eilz9qmEZBR0nHm98t5a7MaDY2yqYNBr3Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 0425 1 KB
2 KB 67ms
67ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c99a04082b9b5e5b654166f9f6370382cca9e187af54b0e774269ff58fa0037f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXiUOgQulceehXQol4A8xHjOKxGBTD1SCVPKN5pYEV8%2Fbcf7HsSKfUBrjmq07I6JR8GY2mahDMfIl9L7mDSSAd7ulVMIsYsXTM%2FcFMo%2B6yYms2iPIiQjqpLDrhqeK%2FQ98d0DMqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78c2597788589b1b-FRA
x-backend-server: aa-reachservice-group-europe-west1-gxt5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 103ms
62ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78c259771fa99b1b-FRA
content-length: 24
content-type: text/plain
date: Thu, 19 Jan 2023 20:34:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyorGdvBuTN1wWN%2BUweS6jPG9aqh6vufklFahBKePbaiv2S6QZz5nQ7oeRoZgakhsL7R05jeZckhV0ron3JL0fevW3GRlZEGXGm8ALytMus%2FLxhWJxEf8zFuAx7VMJwenm6nesQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gxt5

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 84ms
84ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230117&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7e7459f653741f0fe00f17e9c835a04f0134f4d3dc34c2ceac5b6006d3adf1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10867
x-xss-protection: 0

GET
H2 200 794-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 22 KB
22 KB 162ms
161ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/794-featured-336x159.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b9dad9cc2b20c83730fee65fb98286b28436e715427d2494ed3cbbfdf0c4f832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
last-modified: Tue, 16 Jul 2019 07:10:45 GMT
server: Apache
etag: "565e-58dc713474740"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 22110
expires: Thu, 16 Feb 2023 20:34:09 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 102ms
102ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:34:09 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AD93 12 KB
4 KB 67ms
66ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dc628ca642a6238b960771f7a5433b888a6d895fa9dd29803f69abb62a9a182

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k3cx7t185pnhn56vnpzx71tfhppczmzfwjkq3z2c7crsknscgtyszb4vb53fxx38k7yr6a4hd60dzzn11m5p0wf56fwe4dpx8r9bqmg6hwbezpr0c56rgqr9e68g30t7p7bt4ydx6s9jzhppxw828d7cexqb8pd6hp9czq65xc9gtsw184tn4nw27k8ptnepjwq9bvvd64nw62pc7kab2ee65sy27jft8f74785h93qyfzzpwbq6gjpefvq29rw0204pwqywb05z9h0hpyr9xwzpvy3wgreagqne2z6rf80wehhn0dftzn86pjpeyfsjqfpavjf13vpjdxh0bayg0hqrmbjqep70qfy4h0kc836fr8jjwnzv93bk0q1e8bk02j6kpp77n4pdybks2qy56xvagy2e92aze9rxq2zw6kqmdft5ap09vf2fhazvb83mtf1f6tnz3tg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%26client%3Dca-pub-9300874048195348%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78c25977fcebbbc1-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:34:09 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 citi-holidays-846x400.jpg
banks.org/wp-content/uploads/2022/12/ 56 KB
56 KB 180ms
179ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/2022/12/citi-holidays-846x400.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 29fdd734852b4f6ce48f9560d82467cd1a1ad75da8233b86b1a1a09646254401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
last-modified: Thu, 29 Dec 2022 15:04:51 GMT
server: Apache
etag: "dfb6-5f0f8ce91819c"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 57270
expires: Thu, 16 Feb 2023 20:34:09 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame AD93 90 KB
12 KB 52ms
51ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 105602
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWfXiqNdtBx3RY5VsvZIXKhM8rPfzm8Q4gFa%2FJA9cnyKJuJjsA2Jnugdd7qnvbwiuuT5XBwnKiRaytKwsHzYateaFIvW734%2FKtfpwFTq0EpDD%2FXQk7BmXbOKgyZili4PXA7gxNHandU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78c259786e10bbc1-FRA
expires: Thu, 19 Jan 2023 21:34:09 GMT

GET
H2 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame AD93 26 KB
26 KB 60ms
49ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1296881
cf-polished: origFmt=png, origSize=53992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26236
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKtRUB4rrgUmbUOKY4lhar%2B16H%2FbXx%2BlzmwTwKzTpdC%2F69RqPOhLN99cZNfRN8GblE8D1lcEw6B5ktM3Vi1z%2FRcR%2FiAVD2HrQF4RyXl99yx6d2nQx%2BBErGto4jTK2ZuOUHGAK%2B28IA5kB3Gy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c259788ec59136-FRA
expires: Fri, 20 Jan 2023 20:34:09 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame AD93 54 KB
55 KB 81ms
73ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2155422
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W76ZnJNJPIW9FHlr%2FXfD3UanEDAIeTOupVX73esKcx8tgQAfHfidbD8PnAF9aQFKfPcNSqMmaNriBjFPEGzj1F1VSb74q07jR1eJrRfmctRFoX%2BBAYcI7PDK22Uvr9oa8KIOzbRzzo9ZYGLE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c259788ec99136-FRA
expires: Fri, 20 Jan 2023 20:34:09 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame AD93 2 KB
3 KB 80ms
72ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2160130
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfQUfPkELhUZEBCkCAnOhdJmvqo1A%2F3srcFXBlvJz48%2B3WiqD9T8ZYA1aQBNfpjQ%2FcfIiXXX227E4fKbCwS%2B0jFp7IYgOtnTxlL3mY3hB0qy%2FtLVl6n5DbIdzV2GfT9gtYr3YZ%2FD1hQxo2IB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c259788ecc9136-FRA
expires: Fri, 20 Jan 2023 20:34:09 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame AD93 339 KB
340 KB 69ms
61ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2154752
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgfW1qcHkp0%2BhQxkntmBD1fO381f78%2Fe%2Fl55SolNrEuha8xo%2FgYiv0b5qjxDZpTVrZOKssdMTdrk4PkaFYi511bMmo3xCKdA7xBJRsVvln76pKvj5PLKMUvul1ZXvjic%2Bmbl6r6VU984bcCm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c259788ecd9136-FRA
expires: Fri, 20 Jan 2023 20:34:09 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AD93 43 B
704 B 275ms
76ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:34:09 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
assets.ad4m.at/logo/ Frame AD93 17 KB
17 KB 80ms
72ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7a8cf463d8af865cc28bd6d81d41134e809375632eef8823768b460ce8e6e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615138
cf-polished: origFmt=png, origSize=29332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17118
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 May 2020 13:33:22 GMT
server: cloudflare
etag: "122e7322a58f4a1954c70b4a17dfafb3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDtPkAM8kIt%2FzzdxyqLGFdzAtF3jk958iCsk4gzOJBeMkgBirR2jDtyRFU08wHifZAJpFMnI%2FUnKl8HHBS8LtNKNqEWPBDaWSw15z4MGwQ5rg8MpYGKvDfTmvc%2B7J%2Fx8n3xF6EkqqSZCsArH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c259788ecf9136-FRA
expires: Fri, 20 Jan 2023 20:34:09 GMT

GET
H2 200 0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
assets.ad4m.at/product_image/ Frame AD93 173 KB
174 KB 80ms
72ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac6819ddbdc4c3a3845e32f55947158747e75113248edc9644fa65c4ed9934ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1705472
cf-polished: origFmt=png, origSize=270249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 177346
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Oct 2020 11:03:48 GMT
server: cloudflare
etag: "e93e5f11efcf3516506c022b6dda411d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeIKRAQ5Dj951SEnGuTA2ERmtOsh22t8MYaUiJdQHBtjc1bpDS1s2AZRvOgMHldjlSIivLu8Q4hqXHoZxKoKdICbiCn4premSx7Ct6QPGHmLsu7pYfePaB7zdM4bQyyoseWhH2n%2BmRMmabY%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78c259788ed09136-FRA
expires: Fri, 20 Jan 2023 20:34:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9633 13 KB
5 KB 53ms
52ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 136948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 06:31:41 GMT
expires: Thu, 18 Jan 2024 06:31:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F11C 783 B
1000 B 76ms
76ms Document
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2af2da12b1737d1c51d0166de63463984db4ff4f2118bc0f55a9a6d126cfda95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j6JgO269fnB6__PT1xcgxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-j6JgO269fnB6__PT1xcgxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:34:09 GMT
expires: Thu, 19 Jan 2023 20:34:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9633 36 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 06:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 06:38:07 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame AD93 2 KB
2 KB 270ms
143ms Script
text/html 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jv1c734ew0pxhaz8r6ytmpa9cjwp0snhh22z85dsbsbk2yr74g4d7c5h4baaynrxn6zw2fcg25yn783s7b4vpfat57259gdexvtf4d42my6576fz7cw9zqxv8nyv2fk9951fhkkzdf3deyfydd5mn9jxy28ezwjgpm1mt1kcxhbpa0amtk0fer53peyxjx7e2capqbx7y4ngt9hq02scp6ynj18d6avdgcxcpyp75csp4sps1ew2kva3v49w0c8wvkg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%252526client%25253Dca-pub-9300874048195348%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: aaca829ff1ccdd343073a7d4f019ed4d1935da4213ddadc1c2a213ffa34ef284

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
last-modified: Thu, 19 Jan 2023 20:34:09 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 19 Jan 2023 20:35:09 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame AD93 1 KB
2 KB 216ms
96ms Script
text/html 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hyghtdsdzqadxcnwyr62rtewh9m2y3cth3qs3w60kp8kyvcytm3ss5812d3121wxz6swgjhe9xepy4bx66m2xxkmq87t5jx701hz7rbzqrjahhjcft2kgbxtn797v874fxvz96w8eyba9b5derh3dye12wr6as4wy5d91j5pe9fff2mfc4vnprypnwzaaxw2pvmdmn6eybwdvaj7w85w76h0w82nq5hzc99nwgj4dtd7nq6rbkaf690znrmpsj0tg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%252526client%25253Dca-pub-9300874048195348%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 3c7d73daaf40eb13f6dc8ef124010a6746d4766471bc24f7b5bf203b68347160

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
last-modified: Thu, 19 Jan 2023 20:34:09 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 19 Jan 2023 20:35:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F11C 0
0 138ms
138ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230117&jk=3747011109229152&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AD93 85 KB
31 KB 171ms
55ms Script
application/javascript 18.66.15.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hyghtdsdzqadxcnwyr62rtewh9m2y3cth3qs3w60kp8kyvcytm3ss5812d3121wxz6swgjhe9xepy4bx66m2xxkmq87t5jx701hz7rbzqrjahhjcft2kgbxtn797v874fxvz96w8eyba9b5derh3dye12wr6as4wy5d91j5pe9fff2mfc4vnprypnwzaaxw2pvmdmn6eybwdvaj7w85w76h0w82nq5hzc99nwgj4dtd7nq6rbkaf690znrmpsj0tg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%252526client%25253Dca-pub-9300874048195348%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-19.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:31:20 GMT
content-encoding: gzip
via: 1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 18169
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6t82ZYG9BLGCK6JNRaxshQ6W-u1SUKRkkJHZbENzudCadS-Us9lCgQ==

GET
H2 200 link.html
track.webgains.com/ Frame AD93 3 KB
3 KB 97ms
97ms Image
image/gif 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2100065
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 6f0918a5bbcba67238bceb4ee89b68394124d02bc618afdd06ec915556521a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:34:09 GMT
last-modified: Thu, 19 Jan 2023 20:34:09 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 19 Jan 2023 20:35:09 GMT

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame AD93 15 KB
15 KB 136ms
42ms Image
image/png 18.66.147.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1674160749&Signature=H6RmblIT1bwgua1ey2CyqleDdSXQ3mnj8oyECSLW5xzu1kemyw~ENzRvaCT7vPyAwmHej4qJnYs6G7XXtDbwtg15QaM5b~1-uvntoJ5zvAzYjyqFWqVLdpxf~7r9N7uq45zB~oj4TwxpGARKDCjAC9aSncje1qh-ASMG5OL5C-zN7rnTpumOziITRmEO6oT6bjjARz9AFXHQpnSYNGwIAXTHvazL0HrZm1-j6AETNtSXcUoUtbziYB5Euiyml6uf9W5v7bE~mTmGU049JH6sGxRB38Doh-9qx7oDKciBF2wWyjchuBqFoDzLWx0bHmO85bR0QdnQaZcOQ-yKzN~R9w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=407ba02b6947d4dd53eb7c416b89e9e9%2F3785592455970731672&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1674160449223&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzptjhzmj9fbj5xqb254mzfac798pm6e1azwwbr4qtqgdhdb6x62rkqqzf1xta7cmckvm5xqyy3jdgs9xg6a5fzj9b01b1k1qmxqk9zq27mhd8n90e9hrwgg1vh74fwzgsn5cm9maknsv49c5rw4sy0prqqgzej4h4rya5k1b35xy35drkxkspvgys2fk2ra7z6ywr9e60gpm6s401es384s22za4mh2dpeqbj4hmhtn7jydjkfxxk6wstcya4vf6xsn0eez16tkcd17axb0nefz4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCKbtiQKnJY4L5EIvftwfouKqQBZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTMwMDg3NDA0ODE5NTM0OMgBCakCX_01J_cksj6oAwGqBLgBT9DXbr8NoF1dZ-4N8_Nuv3Yt9yK69iOEzor7E33wcacJzIzkwZSviuRjnPzr_K4rl7JtPo_TqAZoydg5J8-7f_wP91HOB60DdGCgcoAaXU9rf-Dbehtwyg-bQ9Kv0i5H9MZO6K6YN5CAUbznIUbrVr6OmQoF65X_G5ZeF6mB76p6uW893MKTIz8Hm0hdtZSI4iDS8ZANMaY486Vzjk-wbizkRPf4TIKIpeww_tCknoNto6i0FrsQlIAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0ojpV1siL_tUY-8HBxJRIasD3p4g%2526client%253Dca-pub-9300874048195348%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 19 Jan 2023 12:57:36 GMT
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 65720
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: G8lwt8IPYd7fB05qeSTxMXvIZVmDhBWMTPF8LDTJel8wSSW9s8TH-A==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BDC4 42 B
64 B 143ms
143ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdJGi-oByCDbV_V-86rWlS0ESbm1yWEbh3kDA7FRtvCM-KK63f423WOtgsXRpL1B60NX57OZhgP0hlZQrbRf8QjgrgNmUkEoVnrWk0hCgriJ8sZGSdjQPjhdsD2xWVm9mdNse7-w&sai=AMfl-YQAXhWYDq8g9NYrfeUhBBqgevaMcMGYppTolS-sk4NS3DK06JEC7L_x0GUzpbjhb2lvBwjOZr_JImINJ-w&sig=Cg0ArKJSzKKb5fyLDa6vEAE&cid=CAQSGwDq26N9iWR5jy69xx1AbL8FoQnOsPamliSQ5RgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4144480424&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674160447899&rpt=997&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 144ms
144ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230117&jk=3747011109229152&bg=!wsGlwYXNAAYDMoyoIzI7ACkAdvg8Wu-kZNlQ3-McTqq_ZPxcjGy1bLbOHcH65iP-vxqC-sY2WHFsfAIAAABSUgAAAANoAQeZAqcEumQRDHFui7YX6hBQyU_tmES0FUjph_eJ2QSwq2lGo5hnnpTzwjxPoSYXTeHRl5nKySwuNNxZ2t5gzMp5YUxK3b0XQd81UX2Izyj-e036SpykvX7LTbvP0M8eq-Pu5u87OEhjMtpr6yk_DkFGDWJKJ1Vzq1cMv6W-7AxIppUfPUp4h6TTF14W8b8GZTqD_u5E850anMYWLJeom4agJIStsjeTi7fKcpiSYDR5piV4XXbiO20rs4oKjEJILtLa2SYUUlB-WB_giho3vL166ZhRexIfFFiz5wou_hG8tnJ9nJk8SlKpjqMu4EjStEX1_YNVQQdUO6bszwonZX6iwtHQ_28s2FPTrzo8ojI3tfVw9XWR4M0dh4H9R3aFnfCGN7y1lL7FksGFf4BaeP_04IyzRKT6LPhtvhhFoy69fgh_-oDn0nFQvmptLJ482CUnNaXBbxqahzVIpHVNRacfcz7PS746lZTpFmiYL9eBUEC6vSwmvGn4e-vhiuS9u0p_BU_52DXumBcSFfrUj5DBQQSPgsJn95Or-HLaGRqyCo7a8dtrUk63AR4yjuzkelKOnhFHoP-eL5ooW59hMeSwVr-o2gmXni3FirRB2a6yJO4EhdWWoO0wj34fSvga6xCQ2ofK4tdbWTdWV-qhQc4xt4EF8OsClzP6MbUMPDRqU9qz0clHOzx2F0VUkcAxowkMo4YMGNsVJ_Es1bv7Ajmr5aNLKAqbDGdUtR9ZIiTrZrk5P71ONeKpmlo5-9yYm-skYiOwBsPrNSq9krYzIRShLdhsyF8tCHSzXFCJe485OSzi95wY9kME2jmC_RG-FIAKqQ9lKgTb5I1Rqls3F9PvpJuvbVKV-vMCb-X1GfBTz050aMaV7JGd0KhJvWb2lOn9ncU7bTymNubL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AD93 16 B
232 B 103ms
101ms Fetch
application/json 3.11.171.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-171-0.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Jan 2023 20:34:11 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 187ms
45ms Preflight 3.11.171.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 19 Jan 2023 20:34:10 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AD93 16 B
232 B 100ms
98ms Fetch
application/json 3.11.171.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-171-0.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Jan 2023 20:34:11 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 178ms
46ms Preflight 3.11.171.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 19 Jan 2023 20:34:10 GMT
server: nginx

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
367 B 181ms
66ms XHR
application/json 35.190.25.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1674160452489

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://banks.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Thu, 19 Jan 2023 20:34:12 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://banks.org
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.banks.org/	1970-01-20 17:48:16	Name: mp_a211e7d3be743a0c4011c2a226c99284_mixpanel Value: %7B%22distinct_id%22%3A%20%22185cbbd2004c4b-0b8dbc9c989726-13363b7c-1d4c00-185cbbd2005ef3%22%2C%22%24device_id%22%3A%20%22185cbbd2004c4b-0b8dbc9c989726-13363b7c-1d4c00-185cbbd2005ef3%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.banks.org/	1970-01-20 18:24:16	Name: __gads Value: ID=618e2ee03cd23e97-227276258dda0014:T=1674160447:RT=1674160447:S=ALNI_MZ4DImZz9k75BrRJGYgdTMAp75iEA
.banks.org/	1970-01-20 18:24:16	Name: __gpi Value: UID=00000ba5910eb61b:T=1674160447:RT=1674160447:S=ALNI_MZ5nNq3hWaGffSVFJvwimOpbE8-1Q
.doubleclick.net/	1970-01-20 18:24:16	Name: IDE Value: AHWqTUmv4eTJXHpHyfNqSjZOnxLuN-nk2rXy-javh37-bogeN3uYje47unxwB7oet9k
.travelaudience.com/	1970-01-20 18:32:54	Name: _tracker Value: %7B%22UUID%22%3A%22CC1308CC-7009-47D5-8F2C-0140AC1BD50F%22%7D
.w55c.net/	1970-01-20 18:32:54	Name: wfivefivec Value: XfRMUyM31PiBBS5
.bidswitch.net/	1970-01-20 17:48:16	Name: tuuid Value: 0420e65d-32c8-47a8-91f4-932021a33c66
.bidswitch.net/	1970-01-20 17:48:16	Name: c Value: 1674160448
.bidswitch.net/	1970-01-20 17:48:16	Name: tuuid_lu Value: 1674160448
.360yield.com/	1970-01-20 11:12:16	Name: tuuid Value: 4b257a5e-719f-4311-8071-e0ee01373bdf
.360yield.com/	1970-01-20 11:12:16	Name: tuuid_lu Value: 1674160448
.w55c.net/	1970-01-20 09:45:52	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-20 17:48:16	Name: everest_g_v2 Value: g_surferid~Y8mpQQAAAYJ6nQA_
.tribalfusion.com/	1970-01-20 11:12:16	Name: ANON_ID Value: aYntmIyKalGobWm8ZbRyZc1m25JnC5fPGoiY0GQNoEsNpvUZa4NXbXlJDdZdcn4PkOWZcrBXsT14Tn9yOKPO0bBePZclOq
.awin1.com/	1970-01-20 09:05:33	Name: awpv20044 Value: 412871\|1674160449\|a071da80-9838-11ed-ad7b-22332650e18d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 402224:2767075

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api-js.mixpanel.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banks.org
cdn.mxpnl.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.360yield.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
prod-rtb.ad4mat.net
s.tribalfusion.com
static-de.ad4mat.net
sync-tm.everesttech.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.banks.org
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.87.133.65
142.251.208.98
151.101.194.49
18.158.138.18
18.66.147.95
18.66.15.19
2600:1901:0:76b9::
2600:1901:0:bc29::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6812:18ad
2607:f1c0:100f:f000::253
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400d:806::2002
2a00:1450:400d:806::2004
2a00:1450:400d:807::2001
2a00:1450:400d:80e::2003
2a02:fa8:8806:13::1370
3.11.171.0
35.176.33.61
35.190.0.66
35.190.25.25
52.29.214.155
63.33.255.124
02320f9705025c1834687f547dc6c49d27cd68043a18936c9dac6120df5560bb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98
0972ea5ef30fec818c79787f12e9bf2060592cd219cfe09acce2a05355a1e712
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc628ca642a6238b960771f7a5433b888a6d895fa9dd29803f69abb62a9a182
12601bd8ca240bbd8d06f7fdf1bd2ecd90c6adc647469b3b1f200d93f71be2ca
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1ffa1f99d73f2a383e32fb8d4ab66da18819384dd1592a7dc7aac5504ff55fe0
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
257011aeda1d6a0056a630915ca6daff92ec03dc6e45df519a89a10c894f2e14
26c0ff25452c0df38cba6be960ed2632117c62a45bbb78d84c15edd9fe09d0af
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
29d9662278ef63e7d75f26fc4f1d96b4aea1290ee2d001569dd90dab3b5a189f
29fdd734852b4f6ce48f9560d82467cd1a1ad75da8233b86b1a1a09646254401
2af2da12b1737d1c51d0166de63463984db4ff4f2118bc0f55a9a6d126cfda95
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c7d73daaf40eb13f6dc8ef124010a6746d4766471bc24f7b5bf203b68347160
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
42a3e7eb21772042631226aa59844d39505b17934593db5ebf7a4f4681c36bfc
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
44352f2782055e78f474b678b4fb93ba8f39473a3480015c4b4f5de6906d6323
539afb309c028272c6b3c0180146d95ce1bd0cc88848d4ce03255917bf297c23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5683e73002d98fa562f7b152f2d97141eeb1ebaaddfb6a56c1e34bd5e765f1e0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a9179bbbf614176cd2b0cbb225f86a53b64df42a80be251f098ac7dbde69917
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61860c2cd6191f9e682e4da20d4325bc913b166ab8af4a92d25dd6b6be552548
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6712b0994a3988b3097601c4cc76815e22ad4a1ac4bb43e740cb465fab87c59d
6c0087475dae0eb2ce22cc9ec70afdc94601e9b962dce992d6f13ff590e6f2d2
6f0918a5bbcba67238bceb4ee89b68394124d02bc618afdd06ec915556521a3c
72353a3e27e9dc35d21399895a9d5fc828afbe29a146a874cbfd079a57fe33b3
76f52951e4880eb9712c68c37f40c977ca2a42b6f3f8e58f75c7ab74fa6535f6
876f181150664af9e30a4c1da6f8f95eb462aebeb8781db732ff6bc48a1f6632
881165abc0c62af9a1ace026192615efa2b487fbebdec445dda8eab2365a8de8
8e29346ef229c9ae46249846a845958d724dd1f7a0358bd49bcc30b4ac5c4053
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
938ab4a9e6b6f67f35d8e5cb7c8f40e3c5508bd5b1d9bfd1ad398772a77ec527
9824f812a64d358318dcf7f4f8e3feed3c33ba63b8bd505a6bc544113c5c1f79
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9f1b48a7a7fc03b63e7e05dbfef3284eadce7131e6af91c7f444c256593e34
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c64f8675a0e18052ca85079b45a8c8f1bfd6af30ed1d33f3bd9b8b11ec9d9a
aaca829ff1ccdd343073a7d4f019ed4d1935da4213ddadc1c2a213ffa34ef284
ac6819ddbdc4c3a3845e32f55947158747e75113248edc9644fa65c4ed9934ad
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b8278753710ce6e939a0c82614bbb441c5167b67f10ac6f768a84e0f910410e6
b9b653ee84e3052f0bc9096b24b78e15f3aae7bbc05561baad3b527bb5e6fcd4
b9dad9cc2b20c83730fee65fb98286b28436e715427d2494ed3cbbfdf0c4f832
ba78318acc6f2e7b17bf23a757d77f5406b9fea6989d0ea1b975f10692e9a567
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1795ba86d406653252697d28d4ec59c6c9ac1df5c90ef5bb430536a521cb0d8
c30be6a83a1ee1ac9923e9460116e37df69f79dea73a0fbdf2f07f957f0144c3
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7a8cf463d8af865cc28bd6d81d41134e809375632eef8823768b460ce8e6e7c
c7e7459f653741f0fe00f17e9c835a04f0134f4d3dc34c2ceac5b6006d3adf1a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
c99a04082b9b5e5b654166f9f6370382cca9e187af54b0e774269ff58fa0037f
cb914ca1231703352d1bf40c3eead5fcda2dabc3535bae3436a2b67bc3681f41
cbe8c763a9ec6bd3cad599d7716d01309fd0a922f3b7f52d943bcb1ecb5e27af
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e52879c56fb9b5d2d57dc7fdab0658474b04b871001a614b6aa6ec613e56a4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
fc7109dd6428c821842660a87bda6494e52c0f4ecad22105a1aed87e440ee0b1
fe882c8b5335f62577f971c21e9966c3531455194e0a5773c43ba792e6d6d2a1
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

banks.org Open in urlscan Pro 2607:f1c0:100f:f000::253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

95 %HTTPS

59 %IPv6

24 Domains

34 Subdomains

25 IPs

6 Countries

2132 kBTransfer

3760 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

banks.org Open in urlscan Pro
2607:f1c0:100f:f000::253 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

95 %
HTTPS

59 %
IPv6

24
Domains

34
Subdomains

25
IPs

6
Countries

2132 kB
Transfer

3760 kB
Size

16
Cookies

123 HTTP transactions
3 data transactions