www.elorasnyc.com Open in urlscan Pro
199.189.108.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.elorasnyc.com/
Submission: On August 14 via api (August 14th 2023, 4:06:29 pm UTC) from US — Scanned from DE

Summary HTTP 92 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 92 HTTP transactions. The main IP is 199.189.108.76, located in Thornton, United States and belongs to UK2NET-AS, GB. The main domain is www.elorasnyc.com.

This is the only time www.elorasnyc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	199.189.108.76 199.189.108.76	13213 (UK2NET-AS) (UK2NET-AS)
14	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4 12	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
92	13

20 199.189.108.76 (Thornton, United States)

ASN13213 (UK2NET-AS, GB)
PTR: flash109.servermidia.com.br

www.elorasnyc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	406 KB
20	elorasnyc.com www.elorasnyc.com	534 KB
12	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	183 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	165 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216 www.googleadservices.com — Cisco Umbrella Rank: 150	605 B
5	google.com 1 redirects mts0.google.com — Cisco Umbrella Rank: 4389 www.google.com — Cisco Umbrella Rank: 3	80 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	225 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	5 KB
92	8

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	www.elorasnyc.com	www.elorasnyc.com
14	pagead2.googlesyndication.com	www.elorasnyc.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.googleadservices.com	www.elorasnyc.com
6	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	mts0.google.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
92	12

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://www.elorasnyc.com/
Frame ID: D4695EC4B514DB707ADE57DA870FB846
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 94B3F87B600EFA2FD25E725A14897229
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=280&slotname=2023593351&adk=4201315058&adf=3272419396&pi=t.ma~as.2023593351&w=800&fwrn=4&fwrnh=100&lmt=1690531906&rafmt=1&format=800x280&url=http%3A%2F%2Fwww.elorasnyc.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1692029183958&bpp=3&bdt=785&idt=263&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&correlator=4449682159984&frm=20&pv=2&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=C99q6eZ0EL&p=http%3A//www.elorasnyc.com&dtd=276
Frame ID: F5D158F1C9AEEE8C827B32C6CDBB202E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=250&slotname=7930526154&adk=2674464762&adf=12587278&pi=t.ma~as.7930526154&w=970&lmt=1690531906&format=970x250&url=http%3A%2F%2Fwww.elorasnyc.com%2F&wgl=1&dt=1692029183961&bpp=1&bdt=788&idt=285&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280&correlator=4449682159984&frm=20&pv=1&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PvK9zEwOzF&p=http%3A//www.elorasnyc.com&dtd=289
Frame ID: E64E57E7BBE75A5998CBED3325327924
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=250&slotname=9407259354&adk=4158516656&adf=373646316&pi=t.ma~as.9407259354&w=970&lmt=1690531906&format=970x250&url=http%3A%2F%2Fwww.elorasnyc.com%2F&wgl=1&dt=1692029183962&bpp=1&bdt=789&idt=289&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C970x250&correlator=4449682159984&frm=20&pv=1&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=3579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NlbbeFBZIk&p=http%3A//www.elorasnyc.com&dtd=292
Frame ID: 9E2621B4EB93BBD5247BBDF3F051AFFB
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&adk=1812271804&adf=3025194257&lmt=1690531906&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fwww.elorasnyc.com%2F&ea=0&pra=7&wgl=1&dt=1692029183977&bpp=1&bdt=804&idt=282&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C970x250%2C970x250&nras=1&correlator=4449682159984&frm=20&pv=1&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=6&uci=a!6&fsb=1&dtd=292
Frame ID: 9374FA000D702B5FC45E191C91D54C3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0C772B91D95CF0A27CC4E986E2685214
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8AC6460807546BA00CCB27E24A538D60
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 4A4ACC70CBEAE949B0926E6EE7FF757A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: F35BB1DB704B0833A1569A40C4E4550C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 1DADFFDB3D6D101ED3B0124089CF8E3C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 5D0C29223A3308AC9C85E74D6A0BE818
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 94011A2A428BDD1B9A8D138EC7F4C492
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA01E33DCD9A6898492362C7DD48DD28
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eloras Restaurant

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- All in One SEO Pack ([\d.]+)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

92
Requests

73 %
HTTPS

83 %
IPv6

8
Domains

12
Subdomains

13
IPs

2
Countries

1599 kB
Transfer

3480 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://googleads.g.doubleclick.net/pagead/adview?ai=CIqoeAFHaZKeoFMGH9u8PgvSQqAzk4-mIcsjvtIKFEvKe3KDUARABIN7t4ixglYKAgLAHoAGN7InRKcgBAagDAcgDywSqBMkBT9DBdWrSBuIhwW0HmEd-5Hmn6MHAf2s75ZtNYWvo3SsBVsaQEyldEfG0n0YiorgG13Ab7WiaBHA8E0lg3PSbIrB2V6pWnEcOTuL-He_EMC9wSaARI9zG_YrCU2Q6ns_ef5K3X4C4q-Uf-pSBOceookKO8ouMCmbgIRXURa4kNeBykR3_FvVFCaCp6V6TBA3hQHOk5Y9WQeQpO374g_Q5-djx2CrxxKKcyCI3fXajPYUsDEvFS0ygr9gZgz9f4BgK8G0QJxRl5X24wATwiIDIvwSSBQQIBBgBkgUECAUYBIAHjaTasASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDC8hXSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mgmqAWh0dHBzOi8vd3d3Lmdsb2JhbHNvdXJjZXMuY29tL3RyYWRlLWZhaXIvc2hvdy9vbmxpbmUtZWxlY3Ryb25pY3Mtc2hvdz9jYW1wYWlnbklkPTEwMDk5OCZwYWdlSWQ9MTAwMzQ4NiZzb3VyY2U9MTM5MDUxMSZ1dG1fc291cmNlPTEzOTA1MTEmc291cmNlPTEzOTA1MTEmdXRtX3NvdXJjZT0xMzkwNTExgAoByAsBogwIKgYKBMOwsQLYEwLQFQGAFwGyFxwKGggAEhRwdWItNTg2MTEzNjQzOTAxNDk4NBgA&sigh=y8bp1JwXMJ4&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW8ksKxI7bJrPFIDRYCSuvuohNIlRZtRgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229912766237477641260%22,%22debug_reporting%22:true,%22destination%22:%22https://globalsources.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211175884301%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217819329709673496961%22}&andc=true

Request Chain 55

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 59

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl0vYAFHaZKTfEJza7_UPl_aY6AiI6vmJcvmpkbyFEt6RjPa4AhABIN7t4ixglYKAgLAHoAHi8OCwAcgBCakC46S2mfhLsj6oAwHIA8sEqgThAU_QfjrLUmhPsqgiiaf50tZMEjnUDlHssRO5GQGkHrm6MLO33A7fc5G2o3UgWUE7sE2NK0mJgEX4j_pKG-HArW0bFhtj21cYubc7S7ZBeLTq9FgQr70Z0i_RVIBT1dWKYpeZw7CjhIDtbumTNBUIKtZr8wcDjDnOe30IW69giEAmfUmKz4FFLAJCs_cQmq63avq9zFeMdRrKe6eIaUikx8wXVY1uHRTRN6tG4LbMPVK2pOsu1rbt97eIac0oBJGHV6QW8jhkXpeo1ebx_ieBPF7EIlXNtPsmplGHydY1mUC8fMAElY6yw6oEkgUECAQYAZIFBAgFGASgBi6AB4aPn88CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3oR10ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOpoJOGh0dHBzOi8vd3d3LmF1dG8tYmVjaGVyLmRlL2ZhaHJ6ZXVnbGlzdGU_bT02OSZtbz02MDAwNDk0gAoByAsBogwIKgYKBMOwsQK4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTU4NjExMzY0MzkwMTQ5ODQYAA&sigh=HhpFZi2cKaU&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW1FAshE_Np_jp7IC3LQu6UdWVMbwdPhgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216713946106699413968%22,%22debug_reporting%22:true,%22destination%22:%22https://auto-becher.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370686050%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221764700194496472017%22}&andc=true

Request Chain 89

https://googleads.g.doubleclick.net/pagead/adview?ai=Cn2a0AFHaZKeEEfy49u8PyYuauAPVr6DTcYSwx6mqEeDVkqO6AhABIN7t4ixglYKAgLAHoAGHwpazKMgBCakC46S2mfhLsj6oAwHIA8sEqgTYAU_QssXfJ-9ClxycnALz8xLYl5pt0xrK2wYsopaZEBNZSm_w4sKfWl4kpo5ABCg2o2h0_VpDm2W9KvOqxTv_uaW8m4FCnMQDC9yAky5MSsx_YN_-_0T6eCdwsNaqImruJzP7H7EuCnSa4CDwCM2KEySCZhhV38ARHhO0arfuntfugZ7uGgjuQOgVMqhMjtBwI1r6DaiItHWR-g8BOLF6nNVZc4LRTh5700YNWvbQeX67v9bSfOYixbcJQ_qbPpfqZUC7A2pFVtLikWzFJRjeXLbD-kt-2vU7g8AE-dyC3b0EkgUECAQYAZIFBAgFGASgBi6AB4f65pIDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ2tWlAtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCR1odHRwczovL3d3dy5kZWluLW1vb3Nsb2dvLmRlL4AKAcgLAaIMCCoGCgTDsLECuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi01ODYxMTM2NDM5MDE0OTg0GAA&sigh=qkjjJkTT4LM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW8uZy6jdxdw-vbD6mYZK9GZOQNKRZ8BgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229256796504872003609%22,%22debug_reporting%22:true,%22destination%22:%22https://dein-mooslogo.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210844741895%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227124579117497948737%22}&andc=true

Request Chain 92

https://googleads.g.doubleclick.net/pagead/adview?ai=CgGJTAFHaZKuDEbOm9u8PufGP0AeI6vmJcvmpkbyFEt6RjPa4AhABIN7t4ixglYKAgLAHoAHi8OCwAcgBCakC46S2mfhLsj6oAwHIA8sEqgThAU_QpAKZAoWp8OvZFpBmPVWn-SppdkenlGAJKofCuNpq0omh1irnJ2Al40h7Xa3TBM6XAuX_Oi_X9L07S6HZ7lEUkJG5uTfXiESYQRGpSFFXl-N7dFxMAQ5urG6kCZkvm7lV4n9denKyAUS4yPqoJawwWvh1DErB8eWqoaBGENxvwNjD5I3A9k8kju94TmIeTNHmY3xZ38djI8VOOADi_7t-PFHrjO0TXAJONUDfL2XjlgG4WUxjY29YiF7oozZWALETBY-3GiA7uZlDkJJHbsk5B8S6tdV-fDMuV5huzPRmjMAElY6yw6oEkgUECAQYAZIFBAgFGASgBi6AB4aPn88CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxL4Y0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOpoJOGh0dHBzOi8vd3d3LmF1dG8tYmVjaGVyLmRlL2ZhaHJ6ZXVnbGlzdGU_bT02OSZtbz02MDAwNDk0gAoByAsBogwIKgYKBMOwsQK4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTU4NjExMzY0MzkwMTQ5ODQYAA&sigh=A_xa1O-jRdQ&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWteMQQDDCh06HQMP5gFaF6HfPaW5HAhgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22273499220320183767%22,%22debug_reporting%22:true,%22destination%22:%22https://auto-becher.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370686050%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212948880291986371185%22}&andc=true

92 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.elorasnyc.com/ 32 KB
7 KB 358ms
156ms Document
text/html 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: ec433a652111753b2cf34cc7186fd7ce6807c70355f78460057521355dc2e2a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Aug 2023 16:06:23 GMT
ETag: W/"8108-601894ee75d2c"
Keep-Alive: timeout=60
Last-Modified: Fri, 28 Jul 2023 10:11:46 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK main.css
www.elorasnyc.com/wp-content/themes/elorasnyc/styles/ 14 KB
4 KB 156ms
156ms Stylesheet
text/css 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/main.css?ver=4.4.30
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 00141a0754009baba1e5dc930be15f422d6c4e48c1fc8acbcd643236bf9f81c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:52 GMT
Server: nginx
ETag: W/"64c39468-3753"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
www.elorasnyc.com/wp-content/themes/elorasnyc/ 17 KB
4 KB 307ms
153ms Stylesheet
text/css 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 6ab5627fa081130c23c5b1bdbba3cd6ea4c677fbdc9b0917f3695e72b82fab15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:48 GMT
Server: nginx
ETag: W/"64c39464-4208"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.css
www.elorasnyc.com/wp-content/themes/elorasnyc/styles/ 724 B
682 B 311ms
154ms Stylesheet
text/css 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/font-awesome.css?ver=4.4.30
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 22563c990f49f8f930840957f4c1c3021e04f227d832b80f68ffa5aef977912b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:51 GMT
Server: nginx
ETag: W/"64c39467-2d4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.js Show response
www.elorasnyc.com/wp-includes/js/jquery/ 94 KB
33 KB 315ms
158ms Script
application/javascript 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-includes/js/jquery/jquery.js?ver=1.11.3
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:59 GMT
Server: nginx
ETag: W/"64c3946f-176e9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.elorasnyc.com/wp-includes/js/jquery/ 7 KB
3 KB 314ms
158ms Script
application/javascript 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:58 GMT
Server: nginx
ETag: W/"64c3946e-1c20"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK superfish.js Show response
www.elorasnyc.com/wp-content/themes/elorasnyc/js/ 4 KB
2 KB 315ms
158ms Script
application/javascript 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/js/superfish.js?ver=4.4.30
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 14a966ad28655ad9991a7f25df834774eef309b3256b503a3f7f9c3efcd111ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:50 GMT
Server: nginx
ETag: W/"64c39466-e89"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.touchSwipe.min.js Show response
www.elorasnyc.com/wp-content/themes/elorasnyc/js/ 11 KB
4 KB 314ms
157ms Script
application/javascript 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/js/jquery.touchSwipe.min.js?ver=4.4.30
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 01a9274297a2f6764b078e54cf828a5ef9dd7b4dd355d89215560fd27ede81c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:50 GMT
Server: nginx
ETag: W/"64c39466-2cf3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.cycle.all.js Show response
www.elorasnyc.com/wp-content/themes/elorasnyc/js/ 52 KB
14 KB 465ms
159ms Script
application/javascript 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/js/jquery.cycle.all.js?ver=4.4.30
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 77e4efc5456de102b00a6cca1ee47970c9fc0959efd864edc372dc72ee589fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:50 GMT
Server: nginx
ETag: W/"64c39466-d183"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found frontend.js
www.elorasnyc.com/wp-content/themes/elorasnyc/js/ 0
0 471ms
156ms Script
text/html 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/js/frontend.js?ver=4.4.30
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 84a89f_83f6022ff3614dab9566ea527f0ee84e.png
www.elorasnyc.com/wp-content/uploads/2016/11/ 8 KB
8 KB 155ms
155ms Image
image/png 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.elorasnyc.com/wp-content/uploads/2016/11/84a89f_83f6022ff3614dab9566ea527f0ee84e.png
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: c7cb71685765205c5d0e97bc6787fcaf1a2ec45745e0d66fe592af6c314ca7ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Last-Modified: Fri, 28 Jul 2023 10:11:53 GMT
Server: nginx
ETag: "64c39469-1fe2"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 8162
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
53 KB 93ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6659c304ddbc083b3825fef9a084be97a9fb526020cba03c77feb7ec86a6c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54148
X-XSS-Protection: 0
Server: cafe
ETag: 13894525608045825316
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 14 Aug 2023 16:06:23 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.elorasnyc.com/wp-includes/js/ 1 KB
1 KB 155ms
155ms Script
application/javascript 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-includes/js/wp-embed.min.js?ver=4.4.30
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 4114f99c5992bab27f43ae5e3c7c196ce63fac0b4b43915af913c1a30ca1f3da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:58 GMT
Server: nginx
ETag: W/"64c3946e-568"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font.css
www.elorasnyc.com/wp-content/themes/elorasnyc/styles/ 2 KB
669 B 157ms
154ms Stylesheet
text/css 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/font.css
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 0664454c1ccbc90bcb9a82ade825bec755f04d460721e72c3325131639496444

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 10:11:51 GMT
Server: nginx
ETag: W/"64c39467-888"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK yellowback.jpg
www.elorasnyc.com/wp-content/themes/elorasnyc/images/ 372 KB
372 KB 156ms
156ms Image
image/jpeg 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/images/yellowback.jpg
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 39ee7e951294f4040446de2ffe68cc85bd4eae51c3fa434e158a06609f789b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Last-Modified: Fri, 28 Jul 2023 10:11:51 GMT
Server: nginx
ETag: "64c39467-5d054"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 381012
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK menu.png
www.elorasnyc.com/wp-content/themes/elorasnyc/images/ 5 KB
5 KB 157ms
156ms Image
image/png 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/images/menu.png
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 45ea3e9d2c053426c32607e320ae8d1284fb365d83259b70d796ff6e90073ab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Last-Modified: Fri, 28 Jul 2023 10:12:05 GMT
Server: nginx
ETag: "64c39475-1315"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 4885
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK menu-before.png
www.elorasnyc.com/wp-content/themes/elorasnyc/images/ 8 KB
8 KB 157ms
157ms Image
image/png 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/images/menu-before.png
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 9a5b97dd292b0639cd5395236a5369d02bdc8ec3eb128b9d0e2a2837c12e0448

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Last-Modified: Fri, 28 Jul 2023 10:12:05 GMT
Server: nginx
ETag: "64c39475-1f95"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 8085
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK menu-after.png
www.elorasnyc.com/wp-content/themes/elorasnyc/images/ 8 KB
8 KB 157ms
157ms Image
image/png 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/images/menu-after.png
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: c27224bbb86eaefa7a582d985eaabc3bf1ea73dee894813b3968d5b6340091d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Last-Modified: Fri, 28 Jul 2023 10:12:04 GMT
Server: nginx
ETag: "64c39474-1f1e"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 7966
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK footer.jpg
www.elorasnyc.com/wp-content/themes/elorasnyc/images/ 20 KB
21 KB 159ms
159ms Image
image/jpeg 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/images/footer.jpg
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: 761bdce23db9230f1fc719086c450c71dd482cf9d4808eef5b97fbaf1c9f9044

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/wp-content/themes/elorasnyc/style.css?ver=4.4.30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:24 GMT
Last-Modified: Fri, 28 Jul 2023 10:12:05 GMT
Server: nginx
ETag: "64c39475-51a2"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 20898
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK opensans-semibold-webfont.woff2
www.elorasnyc.com/wp-content/themes/elorasnyc/styles/fonts/ 18 KB
19 KB 162ms
156ms Font
application/octet-stream 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/fonts/opensans-semibold-webfont.woff2
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/font.css
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: d24feca1dce6b6f9592dd30786b0587758d2a97d99ff9ebaf16839348b3f2ee1

Request headers

Referer: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/font.css
Origin: http://www.elorasnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:23 GMT
Last-Modified: Fri, 28 Jul 2023 10:11:55 GMT
Server: nginx
ETag: "49fc-601894f732e0e"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 18940

GET
H/1.1 200
OK opensans-regular-webfont.woff2
www.elorasnyc.com/wp-content/themes/elorasnyc/styles/fonts/ 18 KB
18 KB 317ms
160ms Font
application/octet-stream 199.189.108.76
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/fonts/opensans-regular-webfont.woff2
Requested by: Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/font.css
Protocol: HTTP/1.1
Server: 199.189.108.76 Thornton, United States, ASN13213 (UK2NET-AS, GB),
Reverse DNS: flash109.servermidia.com.br
Software: nginx /
Resource Hash: f35b33b4bbf4fa22325cd1457e712138ea9047404f612c2da850c12787afa19b

Request headers

Referer: http://www.elorasnyc.com/wp-content/themes/elorasnyc/styles/font.css
Origin: http://www.elorasnyc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 16:06:24 GMT
Last-Modified: Fri, 28 Jul 2023 10:11:54 GMT
Server: nginx
ETag: "490c-601894f6a8b1f"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 18700

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 372 KB
126 KB 167ms
103ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5861136439014984&plah=www.elorasnyc.com&bust=31076947

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0da2e3eeb1e26f607a52cbe8e507a6e19cf8190b61cdfe873d28bdd4e09f8a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128613
x-xss-protection: 0
server: cafe
etag: 17014280475886306222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 16:06:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 94B3 10 KB
5 KB 81ms
23ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.elorasnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 15:10:18 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 15:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 75ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.elorasnyc.com&callback=_gfp_s_&client=ca-pub-5861136439014984

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5861136439014984&plah=www.elorasnyc.com&bust=31076947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b335b2b41c1798548dfecd467aeb76edb23da66f4f2f7b32412fda42c83f0383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F5D1 142 KB
43 KB 1234ms
1233ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=280&slotname=2023593351&adk=4201315058&adf=3272419396&pi=t.ma~as.2023593351&w=800&fwrn=4&fwrnh=100&lmt=1690531906&rafmt=1&format=800x280&url=http%3A%2F%2Fwww.elorasnyc.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1692029183958&bpp=3&bdt=785&idt=263&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&correlator=4449682159984&frm=20&pv=2&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=C99q6eZ0EL&p=http%3A//www.elorasnyc.com&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec51e02a86ad94b00f77a6f6fd99c2e2aa19aaab288f141c5f60f06eca749f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.elorasnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:06:25 GMT
expires: Mon, 14 Aug 2023 16:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E64E 141 KB
43 KB 665ms
665ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=250&slotname=7930526154&adk=2674464762&adf=12587278&pi=t.ma~as.7930526154&w=970&lmt=1690531906&format=970x250&url=http%3A%2F%2Fwww.elorasnyc.com%2F&wgl=1&dt=1692029183961&bpp=1&bdt=788&idt=285&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280&correlator=4449682159984&frm=20&pv=1&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PvK9zEwOzF&p=http%3A//www.elorasnyc.com&dtd=289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc133cd90605912d9d2434225ddd6601626b9eee5e69dad87dc5806f27d1da3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.elorasnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:06:24 GMT
expires: Mon, 14 Aug 2023 16:06:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E26 140 KB
43 KB 1232ms
1232ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=250&slotname=9407259354&adk=4158516656&adf=373646316&pi=t.ma~as.9407259354&w=970&lmt=1690531906&format=970x250&url=http%3A%2F%2Fwww.elorasnyc.com%2F&wgl=1&dt=1692029183962&bpp=1&bdt=789&idt=289&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C970x250&correlator=4449682159984&frm=20&pv=1&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=3579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NlbbeFBZIk&p=http%3A//www.elorasnyc.com&dtd=292

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612b1d7993d87482801ccd7c559749d6aeb998d24794fd6f80395ab4de16acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.elorasnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43332
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:06:25 GMT
expires: Mon, 14 Aug 2023 16:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9374 144 KB
45 KB 501ms
501ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&adk=1812271804&adf=3025194257&lmt=1690531906&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fwww.elorasnyc.com%2F&ea=0&pra=7&wgl=1&dt=1692029183977&bpp=1&bdt=804&idt=282&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C970x250%2C970x250&nras=1&correlator=4449682159984&frm=20&pv=1&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=6&uci=a!6&fsb=1&dtd=292

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

586b09a12daee55b7345ea8d16006f0e814398689f63632d683a28cb56a93b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.elorasnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:06:24 GMT
expires: Mon, 14 Aug 2023 16:06:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 154 KB
53 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/reactive_library_fy2021.js?bust=31076947

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2960d322556f0485b21ad7942f92ea1e2fa4a2268b81f7045cc2778d10c1c4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53702
x-xss-protection: 0
server: cafe
etag: 16943419939934134371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 16:06:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E64E 14 KB
2 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=250&slotname=7930526154&adk=2674464762&adf=12587278&pi=t.ma~as.7930526154&w=970&lmt=1690531906&format=970x250&url=http%3A%2F%2Fwww.elorasnyc.com%2F&wgl=1&dt=1692029183961&bpp=1&bdt=788&idt=285&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280&correlator=4449682159984&frm=20&pv=1&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PvK9zEwOzF&p=http%3A//www.elorasnyc.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 16:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 14:28:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 16:06:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame E64E 2 KB
973 B 115ms
44ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame E64E 23 KB
9 KB 90ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:38 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 0C77 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.elorasnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 01:02:56 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 01:02:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 data=Fb7YKdv9hN7yK8bjrMprfEV6alqxuHvi0DjZJ9YEowAPj8hQpnjF77PV3C1naaGrZQuntoPL1ib3l4hSECX3Bw
mts0.google.com/vt/ Frame E64E 24 KB
24 KB 119ms
31ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=Fb7YKdv9hN7yK8bjrMprfEV6alqxuHvi0DjZJ9YEowAPj8hQpnjF77PV3C1naaGrZQuntoPL1ib3l4hSECX3Bw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

050a488fbd8baa553119617fb92ba3c7b24b98c4ce6e9cb849ac6cfda01d723c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24618
x-xss-protection: 0
x-server-version-bin: CggIBBDL89GmBg==
server: scaffolding on HTTPServer2
etag: 064d3b093a6e183ba
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=989
expires: Mon, 14 Aug 2023 16:22:54 GMT

GET
DATA 200
OK truncated
/ Frame E64E 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E64E 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E64E 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E64E 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame E64E 3 KB
1 KB 83ms
50ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 03:14:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame E64E 20 KB
8 KB 56ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E64E 179 KB
56 KB 137ms
80ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 16:06:25 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame E64E 33 KB
14 KB 92ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
H2 200 12e0c0bbc282de0324fc2c716af124fb.js Show response
www.gstatic.com/mysidia/ Frame 0C77 9 KB
4 KB 50ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3920
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
H2 200 149f83e4c956287f2c876bb96f686a4b.js Show response
www.gstatic.com/mysidia/ Frame 0C77 10 KB
4 KB 73ms
43ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/149f83e4c956287f2c876bb96f686a4b.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a888c0c21cdb2e41d30b74a17a54ade29b96c01a58582f4e4deb883627c7e2f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 11:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4319
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 11:04:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C77 14 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 15:33:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 16:06:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 0C77 2 KB
926 B 57ms
49ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 0C77 23 KB
9 KB 53ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 0C77 3 KB
1 KB 56ms
49ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 03:14:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 0C77 20 KB
8 KB 33ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C77 179 KB
57 KB 79ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 16:06:25 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 0C77 33 KB
14 KB 50ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
DATA 200
OK truncated
/ Frame E64E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be67271153027c84bad4b003714b29994fb0f5786cf67c33d729cdd4c1fa369e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4252339313598254515/ Frame 0C77 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4252339313598254515/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d27fa54f44ecdb587cae985ce15f85c36e023a9d32557edbd7716ea3d6c100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 11:56:50 GMT
x-content-type-options: nosniff
age: 533375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1547
x-xss-protection: 0
last-modified: Thu, 18 May 2023 07:57:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 11:56:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8AC6 143 B
166 B 29ms
23ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 15:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0C77 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54bee100ea1e14eebe7225fdc7bebd09583de4301656a4f89a42f7f0b0633349

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0C77
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIqoeAFHaZKeoFMGH9u8PgvSQqAzk4-mIcsjvtIKFEvKe3KDUARABIN7t4ixglYKAgLAHoAGN7InRKcgBAagDAcgDywSqBMkBT9DBdWrSBuIhwW0HmEd-5Hmn6MHAf2s75ZtNYWvo3SsBVsa...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229912766237477641260%22,%22debug_reporting%22:true,%22destination%22:%22https://globalsources.com%22,%22event_report_window...

0
0

98ms
54ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229912766237477641260%22,%22debug_reporting%22:true,%22destination%22:%22https://globalsources.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211175884301%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217819329709673496961%22}&andc=true

Requested by

Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9912766237477641260","debug_reporting":true,"destination":"https://globalsources.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11175884301"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"17819329709673496961"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 16:06:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9912766237477641260","debug_reporting":true,"destination":"https://globalsources.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11175884301"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"17819329709673496961"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8AC6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
31ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:06:25 GMT
expires: Mon, 14 Aug 2023 16:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:06:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A4A 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 119ms
54ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 16:06:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E64E 33 KB
34 KB 74ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 212544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E64E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl0vYAFHaZKTfEJza7_UPl_aY6AiI6vmJcvmpkbyFEt6RjPa4AhABIN7t4ixglYKAgLAHoAHi8OCwAcgBCakC46S2mfhLsj6oAwHIA8sEqgThAU_QfjrLUmhPsqgiiaf50tZMEjnUDlHssRO...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216713946106699413968%22,%22debug_reporting%22:true,%22destination%22:%22https://auto-becher.de%22,%22event_report_window%2...

0
0

55ms
55ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216713946106699413968%22,%22debug_reporting%22:true,%22destination%22:%22https://auto-becher.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370686050%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221764700194496472017%22}&andc=true

Requested by

Host: www.elorasnyc.com
URL: http://www.elorasnyc.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16713946106699413968","debug_reporting":true,"destination":"https://auto-becher.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370686050"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"1764700194496472017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 16:06:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16713946106699413968","debug_reporting":true,"destination":"https://auto-becher.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370686050"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"1764700194496472017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame F35B 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F5D1 14 KB
1 KB 34ms
32ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=280&slotname=2023593351&adk=4201315058&adf=3272419396&pi=t.ma~as.2023593351&w=800&fwrn=4&fwrnh=100&lmt=1690531906&rafmt=1&format=800x280&url=http%3A%2F%2Fwww.elorasnyc.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1692029183958&bpp=3&bdt=785&idt=263&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&correlator=4449682159984&frm=20&pv=2&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=C99q6eZ0EL&p=http%3A//www.elorasnyc.com&dtd=276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 15:10:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 16:06:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F5D1 2 KB
892 B 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame F5D1 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F5D1 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 03:14:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame F5D1 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5D1 179 KB
56 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 16:06:25 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame F5D1 33 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9E26 14 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5861136439014984&output=html&h=250&slotname=9407259354&adk=4158516656&adf=373646316&pi=t.ma~as.9407259354&w=970&lmt=1690531906&format=970x250&url=http%3A%2F%2Fwww.elorasnyc.com%2F&wgl=1&dt=1692029183962&bpp=1&bdt=789&idt=289&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=800x280%2C970x250&correlator=4449682159984&frm=20&pv=1&ga_vid=1795445824.1692029184&ga_sid=1692029184&ga_hid=842224682&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=3579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076087%2C31076875%2C31076924%2C44798934%2C31076947%2C21065725&oid=2&pvsid=488173081346771&tmod=293717377&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NlbbeFBZIk&p=http%3A//www.elorasnyc.com&dtd=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 15:34:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 16:06:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 9E26 2 KB
892 B 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 9E26 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:41:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 9E26 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 03:14:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 9E26 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E26 179 KB
56 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 16:06:25 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 9E26 33 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
53ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 16:06:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 data=ihm1ozm25DxpUL4tIGeDM4sslMJpkzvSEg4seJYGz6C62UFIqD_DH3OpKIS3G1lakK_TSQKQuCUHrE3Xp0CQ6w
mts0.google.com/vt/ Frame F5D1 30 KB
30 KB 103ms
103ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=ihm1ozm25DxpUL4tIGeDM4sslMJpkzvSEg4seJYGz6C62UFIqD_DH3OpKIS3G1lakK_TSQKQuCUHrE3Xp0CQ6w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6b0343e10ce641f1969b3e20bbd17ea6ab37023a160cb5629effa59276657b30

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=84
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30962
x-xss-protection: 0
x-server-version-bin: CggIBBDL89GmBg==
server: scaffolding on HTTPServer2
etag: 0ff54c51742889f12
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Mon, 14 Aug 2023 17:06:25 GMT

GET
DATA 200
OK truncated
/ Frame F5D1 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F5D1 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F5D1 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F5D1 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 data=Fb7YKdv9hN7yK8bjrMprfEV6alqxuHvi0DjZJ9YEowAPj8hQpnjF77PV3C1naaGrZQuntoPL1ib3l4hSECX3Bw
mts0.google.com/vt/ Frame 9E26 24 KB
24 KB 22ms
21ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=Fb7YKdv9hN7yK8bjrMprfEV6alqxuHvi0DjZJ9YEowAPj8hQpnjF77PV3C1naaGrZQuntoPL1ib3l4hSECX3Bw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

050a488fbd8baa553119617fb92ba3c7b24b98c4ce6e9cb849ac6cfda01d723c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24618
x-xss-protection: 0
x-server-version-bin: CggIBBDL89GmBg==
server: scaffolding on HTTPServer2
etag: 064d3b093a6e183ba
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=989
expires: Mon, 14 Aug 2023 16:22:54 GMT

GET
DATA 200
OK truncated
/ Frame 9E26 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9E26 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9E26 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9E26 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F5D1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d964c91b03e126dcd7eaac4a96f1adb9056bc399c9d444bd4197a1d4af316017

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9E26 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8310611a1fc12fa0e4a369f7ff24833e5925fbba17492cd353e6ea831f375f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F5D1 33 KB
33 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 212544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F5D1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cn2a0AFHaZKeEEfy49u8PyYuauAPVr6DTcYSwx6mqEeDVkqO6AhABIN7t4ixglYKAgLAHoAGHwpazKMgBCakC46S2mfhLsj6oAwHIA8sEqgTYAU_QssXfJ-9ClxycnALz8xLYl5pt0xrK2wY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229256796504872003609%22,%22debug_reporting%22:true,%22destination%22:%22https://dein-mooslogo.de%22,%22event_report_window%...

0
0

55ms
54ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229256796504872003609%22,%22debug_reporting%22:true,%22destination%22:%22https://dein-mooslogo.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210844741895%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227124579117497948737%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9256796504872003609","debug_reporting":true,"destination":"https://dein-mooslogo.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10844741895"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"7124579117497948737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 16:06:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9256796504872003609","debug_reporting":true,"destination":"https://dein-mooslogo.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10844741895"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"7124579117497948737"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DAD 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9E26 33 KB
33 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 212544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9E26
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CgGJTAFHaZKuDEbOm9u8PufGP0AeI6vmJcvmpkbyFEt6RjPa4AhABIN7t4ixglYKAgLAHoAHi8OCwAcgBCakC46S2mfhLsj6oAwHIA8sEqgThAU_QpAKZAoWp8OvZFpBmPVWn-SppdkenlGA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22273499220320183767%22,%22debug_reporting%22:true,%22destination%22:%22https://auto-becher.de%22,%22event_report_window%22:...

0
0

55ms
55ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22273499220320183767%22,%22debug_reporting%22:true,%22destination%22:%22https://auto-becher.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370686050%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212948880291986371185%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"273499220320183767","debug_reporting":true,"destination":"https://auto-becher.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370686050"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"12948880291986371185"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 16:06:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 16:06:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"273499220320183767","debug_reporting":true,"destination":"https://auto-becher.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370686050"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"12948880291986371185"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 122ms
72ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72ec65d77c2725ea202183e298f3990dbf4b8d490683815df915937b52ed090d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11751
x-xss-protection: 0

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D0C 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
56ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 16:06:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
55ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 16:06:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 16:06:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9401 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.elorasnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:05:14 GMT
expires: Tue, 13 Aug 2024 16:05:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA01 831 B
989 B 29ms
28ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b8906dfbf32c2e6177ba9b515e585a58309433da6aed2a8bafb8d3a46e2e3af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XDXCMyuKcyq227Gr88fMsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.elorasnyc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 532
content-security-policy: script-src 'report-sample' 'nonce-XDXCMyuKcyq227Gr88fMsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 16:06:25 GMT
expires: Mon, 14 Aug 2023 16:06:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA01 0
0 121ms
121ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=488173081346771&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9401 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 06:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 06:02:13 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9401 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_hU-QA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:06:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0C77 42 B
64 B 128ms
127ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGDB3HX_ndPW8RMOV-Hq2xT2N6OVf0ZSZ2nS7CvwlNyxy6hCJL8MR6p8t8Kj1L6cLNQ61ZLiY9hFlcUoyu3dZS4pXKs3vx1V9HAE3w6ic6owExcEoIdaskxvPKQFad1rsye14ioYBbvTuC&sai=AMfl-YSo7w-WPqG-z_i1xtu6VzAOH9fkvXxgQSS4LNeXl6jPxC9IDMgVX_EG9f1l5scZheRLvHJec4Hi9a7b&sig=Cg0ArKJSzNgFg5ubaUiMEAE&cid=CAQSGwBpAlJW8ksKxI7bJrPFIDRYCSuvuohNIlRZtRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=101,785,1000,1068,1140&tos=101,684,215,68,72&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1692029184941&rpt=207&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 16:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E64E 42 B
64 B 127ms
127ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWma8V_E2zraAuds5fNRYSMU0s6Ro81_tWyOsK9jth_9Vj1vKgy-4flBQE0L67c-iVi8802PFeZRzuWC9zAeJZrVD1kEM_SvcQy9oeynib9A-RTWn0b5zpPYBEatTqSqwUrA6YdZaGSvMH&sai=AMfl-YTDSPEWHs4FQlIV-m1HwWm_UxuBdqQ1joAXJU6Pp80SbpyzBd5jdZFyg4rQtT5BtAIh6qMu8trdsy2V&sig=Cg0ArKJSzBah-LOhRJWREAE&cid=CAQSGwBpAlJW1FAshE_Np_jp7IC3LQu6UdWVMbwdPhgB&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2674464762&rs=2&la=1&cr=0&vs=4&r=v&rst=1692029184251&rpt=1162&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 16:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 130ms
130ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=488173081346771&bg=!OzilOGzNAAaiGN5Pghg7ADkAdvg8Wo3PX6Q7gFA-TrG7_pQLrOaxBcDIxrDnHqTyX6f0yn76BouF3t-RzpQ3qXKFOIVrxiO9RYcCAAAATlIAAAAMaAEHmQK-4-vDtsCNUJmohDJJeZLON_FBX4aFIxhrTHrtt5jBPPU32VTLiomnT2FHCRk2ogQ_ej8e897_8-6S-4vBYkFprxIr44DX9_FGnygfAbLhtBcMw2P-HuoJR6AGyyGEvdQgICf4Vze4zk9BQCFAPcxd8RDQ8Vdx4WnxDMdyG3VeBss8kX6Z7IFaKFd38pH_JgVcWfXgSrTqODfXDChcLCRcXxVlKc3I8t0B9GmnJGD2uO_8fN_IOXUQmA0sM0uGshjlg67Zr1E4vOsKuPwzjtIFONxXp2T1AMfJaCEcyZ5GJ1NcXSW2pE_XmW7MaLomwvQPNray4yESfKLTWQiHKxnfCMuwtGzj6wI-bJOWk0O7_f3WEMDFfAIDbNtT3GuetonEieo78j3jmZ42ZGlTi4KSrN-rIDG77n6l4FJ7KaLqOzpeur-UanET4EL1w3LbMk1Qbz_7OXJtXkKiQ666x-cIlwfVn0rtZHnoW4LEj3F7OEz-qugjNoZ8wF01sMYiY8GuqRB0VyErvLKegTHSjp8pjZGvj6ODKTVw0G4VsKLE2vJZD9JLCWDHCoT4d9I_2KNzoTxfvQH5mKbB8s4bxnXF0oQdZhLrLdFVZC1VdSAnZvGbj9VhjHakSwansIl8TcCoO8Ob_m1Wk9XQEYTahtYbBba7uGklDfJ5yxTdPRKAPoWlUMUHxg6uhotRmb4oGCuhilpk111O0uySM2RrGTs-RTlR97TqwJFpld4-d63mpynb0FL1VR2-ai0NFbmKGDuyYP-b6FNe9B6zc8dOn_e5lmrAnDEbq0s3d8ikQgsLJssdi_BxnYuA7AVv8I5GY6DXhmaMUTR5neN0gfYru8ykRySA-vEMWykrmDjej2N74E5bDmSFbToH5dzJX97ieuh0BSJaB86FgA3F8DqQwDc9j8zjXKMFOoXqq55JBJmc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.elorasnyc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5D1 42 B
64 B 128ms
127ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuLji5raPdTSRIpizw5g90GdUh-OsloIirZWnd2xcTUmqBhJQ3hrb9XHYigG3jZ50F0M1mKtNZ-_izvm3wumrtEUUyYQe8Uh8XUtnSi-HGEaqI52Cf3JOYzE-5gsTJYvkNkiQOCVcXA0nB&sai=AMfl-YRZMCUx2Zb0CaZnuXSYB3ruvTPbAcznuEGqiGodhlAa_w7K46C-gLq2Ne9IYt36smF9kIvB3rOUp0iG&sig=Cg0ArKJSzH1jwRj7KXVtEAE&cid=CAQSGwBpAlJW8uZy6jdxdw-vbD6mYZK9GZOQNKRZ8BgB&id=lidar2&mcvt=1001&p=0,0,280,800&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4201315058&rs=2&la=0&cr=0&vs=4&r=v&rst=1692029184238&rpt=1436&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 16:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elorasnyc.com/	1970-01-20 23:22:05	Name: __gads Value: ID=b8188f8cf8245daa-2275104b59800072:T=1692029184:RT=1692029184:S=ALNI_Ma_d8zSFuSspgiIg7mIwzZM2JmSiw
.elorasnyc.com/	1970-01-20 23:22:05	Name: __gpi Value: UID=00000c607985d023:T=1692029184:RT=1692029184:S=ALNI_MbrqSEglmaGxfWSFshY2i0nJO1HuA
.doubleclick.net/	1970-01-20 23:22:05	Name: IDE Value: AHWqTUm5_5K9LrzYPT1cp4N3675WhIPQrwAqUEcX6Eg4opce_ARFfXPlH0ZmcDXw800
.doubleclick.net/	1970-01-20 14:00:32	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 16:10:05	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:00:30	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://www.elorasnyc.com/(Line 28) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network	error	URL: http://www.elorasnyc.com/wp-content/themes/elorasnyc/js/frontend.js?ver=4.4.30 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-5861136439014984&fa=1&ifi=7&uci=a!7&btvi=2&xpc=RppFUnulXS&p=http%3A//www.elorasnyc.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.elorasnyc.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
172.217.16.194
199.189.108.76
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
00141a0754009baba1e5dc930be15f422d6c4e48c1fc8acbcd643236bf9f81c7
01a9274297a2f6764b078e54cf828a5ef9dd7b4dd355d89215560fd27ede81c6
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
050a488fbd8baa553119617fb92ba3c7b24b98c4ce6e9cb849ac6cfda01d723c
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
0664454c1ccbc90bcb9a82ade825bec755f04d460721e72c3325131639496444
0da2e3eeb1e26f607a52cbe8e507a6e19cf8190b61cdfe873d28bdd4e09f8a38
14a966ad28655ad9991a7f25df834774eef309b3256b503a3f7f9c3efcd111ab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
22563c990f49f8f930840957f4c1c3021e04f227d832b80f68ffa5aef977912b
2960d322556f0485b21ad7942f92ea1e2fa4a2268b81f7045cc2778d10c1c4da
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39ee7e951294f4040446de2ffe68cc85bd4eae51c3fa434e158a06609f789b60
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
4114f99c5992bab27f43ae5e3c7c196ce63fac0b4b43915af913c1a30ca1f3da
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
45ea3e9d2c053426c32607e320ae8d1284fb365d83259b70d796ff6e90073ab7
4b8906dfbf32c2e6177ba9b515e585a58309433da6aed2a8bafb8d3a46e2e3af
54bee100ea1e14eebe7225fdc7bebd09583de4301656a4f89a42f7f0b0633349
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
586b09a12daee55b7345ea8d16006f0e814398689f63632d683a28cb56a93b3e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
6ab5627fa081130c23c5b1bdbba3cd6ea4c677fbdc9b0917f3695e72b82fab15
6b0343e10ce641f1969b3e20bbd17ea6ab37023a160cb5629effa59276657b30
72ec65d77c2725ea202183e298f3990dbf4b8d490683815df915937b52ed090d
7612b1d7993d87482801ccd7c559749d6aeb998d24794fd6f80395ab4de16acf
761bdce23db9230f1fc719086c450c71dd482cf9d4808eef5b97fbaf1c9f9044
77e4efc5456de102b00a6cca1ee47970c9fc0959efd864edc372dc72ee589fa1
8310611a1fc12fa0e4a369f7ff24833e5925fbba17492cd353e6ea831f375f5a
9a5b97dd292b0639cd5395236a5369d02bdc8ec3eb128b9d0e2a2837c12e0448
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a888c0c21cdb2e41d30b74a17a54ade29b96c01a58582f4e4deb883627c7e2f4
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b335b2b41c1798548dfecd467aeb76edb23da66f4f2f7b32412fda42c83f0383
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be67271153027c84bad4b003714b29994fb0f5786cf67c33d729cdd4c1fa369e
c27224bbb86eaefa7a582d985eaabc3bf1ea73dee894813b3968d5b6340091d6
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c7cb71685765205c5d0e97bc6787fcaf1a2ec45745e0d66fe592af6c314ca7ba
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20
d24feca1dce6b6f9592dd30786b0587758d2a97d99ff9ebaf16839348b3f2ee1
d6659c304ddbc083b3825fef9a084be97a9fb526020cba03c77feb7ec86a6c88
d964c91b03e126dcd7eaac4a96f1adb9056bc399c9d444bd4197a1d4af316017
dc133cd90605912d9d2434225ddd6601626b9eee5e69dad87dc5806f27d1da3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d27fa54f44ecdb587cae985ce15f85c36e023a9d32557edbd7716ea3d6c100
ec433a652111753b2cf34cc7186fd7ce6807c70355f78460057521355dc2e2a5
ec51e02a86ad94b00f77a6f6fd99c2e2aa19aaab288f141c5f60f06eca749f36
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35b33b4bbf4fa22325cd1457e712138ea9047404f612c2da850c12787afa19b

www.elorasnyc.com Open in urlscan Pro 199.189.108.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

73 %HTTPS

83 %IPv6

8 Domains

12 Subdomains

13 IPs

2 Countries

1599 kBTransfer

3480 kBSize

6 Cookies

0 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.elorasnyc.com Open in urlscan Pro
199.189.108.76 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

73 %
HTTPS

83 %
IPv6

8
Domains

12
Subdomains

13
IPs

2
Countries

1599 kB
Transfer

3480 kB
Size

6
Cookies

92 HTTP transactions
16 data transactions