hijackfacts.com Open in urlscan Pro
2a02:4780:b:846:0:2a1d:62da:3  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 149

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIF8bFoAMDX0ijkgC9eCez0&google_cver=1&google_push=ASkJ3Fbl3Nz3KDGBlgHTt_Dh703rpvDQWawrpKYF3jH-L0Mpz99xhXeaSFdbDW7NrqaS8razRfTliVfdDwR22srb2xbxG9Tk65rHRw HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIF8bFoAMDX0ijkgC9eCez0&google_cver=1&google_push=ASkJ3Fbl3Nz3KDGBlgHTt_Dh703rpvDQWawrpKYF3jH-L0Mpz99xhXeaSFdbDW7NrqaS8razRfTliVfdDwR22srb2xbxG9Tk65rHRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c1E2SzVuMUUxT1Q0Mjk1&google_gid=CAESEIF8bFoAMDX0ijkgC9eCez0&google_cver=1&google_push=ASkJ3Fbl3Nz3KDGBlgHTt_Dh703rpvDQWawrpKYF3jH-L0Mpz99xhXeaSFdbDW7NrqaS8razRfTliVfdDwR22srb2xbxG9Tk65rHRw

Request Chain 150

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEEyrT0PBmUKRfDHNdSl9x8A&google_cver=1&google_push=ASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDcQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDcQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEyrT0PBmUKRfDHNdSl9x8A&google_cver=1&google_push=ASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDcQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDcQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 151

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENChBVb4-tkC2_Q5sLOcvgU&google_cver=1&google_push=ASkJ3FYz2ZafxEGhb474WQclJ1OI_U5W72cg3B_RIEF708E44SFnKJj8ctQPBpn3KgTEGWSdGUZjj0G6VIGPhEhsKqajMTTCft7DBw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NDMxOTc1OTc0MjY2Mjc5OQ%3D%3D&google_push=ASkJ3FYz2ZafxEGhb474WQclJ1OI_U5W72cg3B_RIEF708E44SFnKJj8ctQPBpn3KgTEGWSdGUZjj0G6VIGPhEhsKqajMTTCft7DBw

Request Chain 152

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEN9GGO79qk_yxQPe0AdgAM4&google_cver=1&google_push=ASkJ3FZ8NLU4Plq18yQLPOfmSSt5tlKwHzSnjhlplSl9XDECicVn4zid909LewhtvAfWyEEKAI8Ci6_VJQ6WDFL0Tij-2t-ar8bQPA HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LdzpL_DjSQm7e9kxmq7gwQ2&google_push=ASkJ3FZ8NLU4Plq18yQLPOfmSSt5tlKwHzSnjhlplSl9XDECicVn4zid909LewhtvAfWyEEKAI8Ci6_VJQ6WDFL0Tij-2t-ar8bQPA

Request Chain 153

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHlGbm8CwrKKgenU0jBq6lc&google_cver=1&google_push=ASkJ3FbrRq2gpIXxpOtev3sMj1r8Ua99_yWMJ1hLfPLQ0CDdyEt6S7SlJ-rZY7qXNuCt1TkqUUwG-buEBtHqs_D8UgrE9Nd--X5vDw HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHlGbm8CwrKKgenU0jBq6lc&google_cver=1&google_push=ASkJ3FbrRq2gpIXxpOtev3sMj1r8Ua99_yWMJ1hLfPLQ0CDdyEt6S7SlJ-rZY7qXNuCt1TkqUUwG-buEBtHqs_D8UgrE9Nd--X5vDw HTTP 302
• https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
• https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
• https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=438a8b37-77c6-44f3-b517-cd69ea6fb7bd&ssp=google HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbrRq2gpIXxpOtev3sMj1r8Ua99_yWMJ1hLfPLQ0CDdyEt6S7SlJ-rZY7qXNuCt1TkqUUwG-buEBtHqs_D8UgrE9Nd--X5vDw&google_hm=lLEsha8oQA259MPLcpLqIQ==

Request Chain 154

• https://match.360yield.com/match/ebda?google_gid=CAESEDPlD2pu25PvoopAeR-KLzY&google_cver=1&google_push=ASkJ3FbQq1-DjTjnFqFcQab89YNHOVHQPp3aCwbTrXNjJLiec1wCXWcgxC_T3TtrD2VXcKYjH09OGR6XFhsrVsDsMUTiSJkus9fPFw HTTP 302
• https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDPlD2pu25PvoopAeR-KLzY&google_cver=1&google_push=ASkJ3FbQq1-DjTjnFqFcQab89YNHOVHQPp3aCwbTrXNjJLiec1wCXWcgxC_T3TtrD2VXcKYjH09OGR6XFhsrVsDsMUTiSJkus9fPFw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Nzq8_ROR5GBqyW_IiUIXw&google_push=ASkJ3FbQq1-DjTjnFqFcQab89YNHOVHQPp3aCwbTrXNjJLiec1wCXWcgxC_T3TtrD2VXcKYjH09OGR6XFhsrVsDsMUTiSJkus9fPFw

Request Chain 157

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 168

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBc5LKu9BslxNA8zdzpZcJo&google_cver=1&google_push=ASkJ3FalRaCMI062xaSjLC1ou5R4C-Sw7vwgGVlef5pUSEjzNFuWFoPrEUZ54D9A_r_aqZ_7NkZlmVNJ_I9tWTCGbK0JRExxw4k HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBc5LKu9BslxNA8zdzpZcJo&google_cver=1&google_push=ASkJ3FalRaCMI062xaSjLC1ou5R4C-Sw7vwgGVlef5pUSEjzNFuWFoPrEUZ54D9A_r_aqZ_7NkZlmVNJ_I9tWTCGbK0JRExxw4k&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mi_PjTw4RGG9jOJJkolrLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FalRaCMI062xaSjLC1ou5R4C-Sw7vwgGVlef5pUSEjzNFuWFoPrEUZ54D9A_r_aqZ_7NkZlmVNJ_I9tWTCGbK0JRExxw4k

Request Chain 169

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGkg4bJnFYTo9vYkIDEsQS0&google_cver=1&google_push=ASkJ3FbX-v_u_G7iCFSiyoe7-xmb_rpj5O0-3gZAAeMnJNq4WfExNne1IE2wv0Y0v57TIrYqyBY-VKpSvbjWDX8KySBwFiSAY6jf HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFBVlBDSDMtMTEtNTFSRg==&google_push=ASkJ3FbX-v_u_G7iCFSiyoe7-xmb_rpj5O0-3gZAAeMnJNq4WfExNne1IE2wv0Y0v57TIrYqyBY-VKpSvbjWDX8KySBwFiSAY6jf

Request Chain 170

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK15L_jqKzP8Dc462J9p7YQ&google_cver=1&google_push=ASkJ3Fb-2J8tCDWxA2zMYxTA2Bi2rZOxnCrstsZzKUvpn7-niQ2VSL5kYQhDcREshM_f2VSA2SGMCMG-etCddcTrsYLPccUyZFHs HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK15L_jqKzP8Dc462J9p7YQ&google_push=ASkJ3Fb-2J8tCDWxA2zMYxTA2Bi2rZOxnCrstsZzKUvpn7-niQ2VSL5kYQhDcREshM_f2VSA2SGMCMG-etCddcTrsYLPccUyZFHs&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK15L_jqKzP8Dc462J9p7YQ&google_hm=Y2zG3RtW_l8_eKHmPXQAQQAABKEAAAIB&google_nid=index&google_push=ASkJ3Fb-2J8tCDWxA2zMYxTA2Bi2rZOxnCrstsZzKUvpn7-niQ2VSL5kYQhDcREshM_f2VSA2SGMCMG-etCddcTrsYLPccUyZFHs

Request Chain 173

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response hijackfacts.com/	65 KB 17 KB	1726ms 1403ms	Document text/html	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.4.32 Resource Hash aa894199ccda53f660143e8b4af6c3d20c5faf56722cb4f82460c6c529bebb8f Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Thu, 10 Nov 2022 09:39:38 GMT link <https://hijackfacts.com/wp-json/>; rel="https://api.w.org/" platform hostinger server LiteSpeed vary Accept-Encoding x-powered-by PHP/7.4.32 x-ua-compatible IE=edge
GET H2	200	autoptimize_70eb79a15edc6b6af3ecbf46429ac6e2.css hijackfacts.com/wp-content/cache/autoptimize/css/	246 KB 37 KB	159ms 157ms	Stylesheet text/css	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/cache/autoptimize/css/autoptimize_70eb79a15edc6b6af3ecbf46429ac6e2.css Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash b78512d2e41bacf298d0c5532f45d4b5c63ce2dfa0fb15c1fe79458d82edd136 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 09 Nov 2022 20:35:21 GMT server LiteSpeed etag "3d74b-636c0f09-2962921ee71ffc23;br" vary Accept-Encoding content-type text/css cache-control public, max-age=30672000,public, immutable accept-ranges bytes platform hostinger content-length 38076 expires Tue, 31 Oct 2023 09:39:38 GMT
GET H2	200	autoptimize_5a48d656230cf01b134878b4c1f1a0af.css hijackfacts.com/wp-content/cache/autoptimize/css/	105 KB 15 KB	301ms 299ms	Stylesheet text/css	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/cache/autoptimize/css/autoptimize_5a48d656230cf01b134878b4c1f1a0af.css Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9c3dd9a84c303d6baee639594cf14bf590d91b80894347804e501b12c87fd73a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Nov 2022 17:34:22 GMT server LiteSpeed etag "1a287-6361589e-4bd20e8ee7d6ecfd;br" vary Accept-Encoding content-type text/css cache-control public, max-age=30672000,public, immutable accept-ranges bytes platform hostinger content-length 14919 expires Tue, 31 Oct 2023 09:39:38 GMT
GET H2	200	dashicons.min.css hijackfacts.com/wp-includes/css/	58 KB 34 KB	185ms 184ms	Stylesheet text/css	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/css/dashicons.min.css?ver=6.0.3 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:09 GMT server LiteSpeed etag "e688-62b27c59-d5dfdb0b8b905c3e;br" vary Accept-Encoding content-type text/css cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 35099 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H2	200	admin-bar.min.css hijackfacts.com/wp-includes/css/	20 KB 4 KB	280ms 279ms	Stylesheet text/css	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/css/admin-bar.min.css?ver=6.0.3 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 2500936886d291aff70db3a951bddaef278fcc3da67d2a8cf87833146a26b49c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:09 GMT server LiteSpeed etag "4f3a-62b27c59-936a6e6e9a8eabfe;br" vary Accept-Encoding content-type text/css cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 3559 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H2	200	admin-bar.min.css hijackfacts.com/wp-content/plugins/buddypress/bp-core/css/	1 KB 457 B	326ms 325ms	Stylesheet text/css	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/plugins/buddypress/bp-core/css/admin-bar.min.css?ver=10.6.0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 8fefb8da37a62e3b11fb499f72db926a9b8e823e6da11f5a560a5c5501c187c3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Nov 2022 17:33:16 GMT server LiteSpeed etag "5f3-6361585c-5e2c8727d074c2fb;br" vary Accept-Encoding content-type text/css cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 371 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H2	200	jquery.min.js Show response hijackfacts.com/wp-includes/js/jquery/	87 KB 29 KB	326ms 326ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:09 GMT server LiteSpeed etag "15db1-62b27c59-c17950a231f84d69;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 30027 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	52ms 21ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-200886985-1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4bc39a82d6ddb989a595372a7e188c13c78842b127677788140f6fa60130d438 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43611 x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 10 Nov 2022 09:39:38 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	167 KB 54 KB	65ms 30ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3886227883045602 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85741c9d084b7780a6119e82ced8e870b1297f3a0e564651204acfdeb486c7d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55250 x-xss-protection 0 server cafe etag 715558234147291101 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Thu, 10 Nov 2022 09:39:38 GMT
GET H2	200	Sage-100-Unable-to-Process-the-Lock-File.jpg i0.wp.com/hijackfacts.com/wp-content/uploads/2022/11/	37 KB 38 KB	125ms 92ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2022/11/Sage-100-Unable-to-Process-the-Lock-File.jpg?w=1024&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 69db9940f83637bcb98c66645be6bdf629c1bb712ebc7f230d9363d2a1015c85 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS hhn 1 date Thu, 10 Nov 2022 09:39:39 GMT x-content-type-options nosniff last-modified Thu, 10 Nov 2022 09:39:39 GMT server nginx etag "8d1d466f3a588008" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2022/11/Sage-100-Unable-to-Process-the-Lock-File.jpg>; rel="canonical" content-length 38196 expires Sat, 09 Nov 2024 21:39:39 GMT
GET H2	200	amp-story-player-v0.css cdn.ampproject.org/	1 KB 2 KB	48ms 15ms	Stylesheet text/css	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 433 x-xss-protection 0 server sffe etag "a11d2a91b9bc8a1c" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:38 GMT
GET H3	200	admin-bar.min.js Show response hijackfacts.com/wp-includes/js/	3 KB 2 KB	143ms 143ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/admin-bar.min.js?ver=6.0.3 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 4ab6e890be0144b46d40bf64e55a531d0a5750969e1e4e9c43c95a6ec87a3404 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:09 GMT server LiteSpeed etag "ddc-62b27c59-8604f24697944192;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 1265 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H3	200	regenerator-runtime.min.js Show response hijackfacts.com/wp-includes/js/dist/vendor/	6 KB 2 KB	145ms 144ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:08 GMT server LiteSpeed etag "194b-62b27c58-e3b1c944a9ee5013;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 2349 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H3	200	wp-polyfill.min.js Show response hijackfacts.com/wp-includes/js/dist/vendor/	19 KB 7 KB	151ms 147ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:08 GMT server LiteSpeed etag "4ac6-62b27c58-93575711927d95b0;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 6828 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H3	200	dom-ready.min.js Show response hijackfacts.com/wp-includes/js/dist/	498 B 332 B	157ms 153ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:08 GMT server LiteSpeed etag "1f2-62b27c58-51a758993933ce11;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 281 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H3	200	hooks.min.js Show response hijackfacts.com/wp-includes/js/dist/	5 KB 2 KB	154ms 150ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:09 GMT server LiteSpeed etag "132e-62b27c59-ee3114bdb77c2e7;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 1574 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H3	200	i18n.min.js Show response hijackfacts.com/wp-includes/js/dist/	10 KB 4 KB	157ms 154ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:09 GMT server LiteSpeed etag "27ee-62b27c59-20c6aed1d659f61d;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 3711 expires Fri, 10 Nov 2023 15:39:38 GMT
GET H2	200	amp-story-player-v0.js Show response cdn.ampproject.org/	52 KB 16 KB	32ms 16ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/amp-story-player-v0.js?ver=v0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d206f8cd0ab2e27ab96190b72eb2940dbb92aed7c92978763947a59d23a6a4e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16123 x-xss-protection 0 server sffe etag "484843f968a46276" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:38 GMT
GET H2	200	e-202245.js Show response stats.wp.com/	9 KB 3 KB	37ms 7ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202245.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT hhn date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br server nginx etag W/"6197c5cf-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Thu, 09 Nov 2023 15:28:55 GMT
GET H3	200	autoptimize_f093596a134353e48d1c45c0f7faa82a.js Show response hijackfacts.com/wp-content/cache/autoptimize/js/	52 KB 16 KB	164ms 162ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/cache/autoptimize/js/autoptimize_f093596a134353e48d1c45c0f7faa82a.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 6da95cc75c3c4a1018da8e5909dd4b9905c022e931bdc18e1407971e2abe8af5 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:38 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 09 Nov 2022 20:35:21 GMT server LiteSpeed etag "d0a5-636c0f09-72696b380be1c028;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600,public, immutable accept-ranges bytes platform hostinger content-length 16040 expires Fri, 10 Nov 2023 15:39:38 GMT
GET DATA	200 OK	truncated /	31 KB 31 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855 Request headers Referer Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	basket-7168206__480.png i0.wp.com/hijackfacts.com/wp-content/uploads/2022/10/	26 KB 27 KB	15ms 15ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2022/10/basket-7168206__480.png?w=673&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 5c9c6f653e35957ae11e67996e15521130ae96a4f57eb20003269bd3e8884bf2 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS hhn 1 date Thu, 10 Nov 2022 09:39:38 GMT x-content-type-options nosniff last-modified Thu, 10 Nov 2022 09:17:13 GMT server nginx etag "ef8b36d1ce4bf5ef" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2022/10/basket-7168206__480.png>; rel="canonical" content-length 27014 expires Sat, 09 Nov 2024 21:17:13 GMT
GET H2	200	vitamin-C-face-serum-1.jpg i0.wp.com/hijackfacts.com/wp-content/uploads/2022/10/	24 KB 24 KB	43ms 43ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2022/10/vitamin-C-face-serum-1.jpg?w=450&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 2d0e1fbe415d13217e3cd16a31a07f001894e64605ab2fb32e9bea39ebc13eaf Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS hhn 1 date Thu, 10 Nov 2022 09:39:38 GMT x-content-type-options nosniff last-modified Thu, 10 Nov 2022 09:39:38 GMT server nginx etag "bc3db40178f6c845" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2022/10/vitamin-C-face-serum-1.jpg>; rel="canonical" content-length 24722 expires Sat, 09 Nov 2024 21:39:38 GMT
GET DATA	200 OK	truncated /	156 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 428669244dc25878dc92d727b1caef42384c54305988196073497ec7b082ec53 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	Salicylic-acid-Face-Serum.jpg i0.wp.com/hijackfacts.com/wp-content/uploads/2022/10/	63 KB 64 KB	173ms 172ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2022/10/Salicylic-acid-Face-Serum.jpg?w=1500&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash cede2c2c91397e9929742762f1e001acd53eda8013c1812bdc3b1bd67b2e4582 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS hhn 4 date Thu, 10 Nov 2022 09:39:39 GMT x-content-type-options nosniff last-modified Thu, 10 Nov 2022 09:39:39 GMT server nginx etag "8dd0fab01451761c" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2022/10/Salicylic-acid-Face-Serum.jpg>; rel="canonical" content-length 64834 expires Sat, 09 Nov 2024 21:39:39 GMT
GET H2	200	cropped-Yellowstone-Season-5-2.jpeg i0.wp.com/hijackfacts.com/wp-content/uploads/2022/08/	42 KB 42 KB	81ms 80ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2022/08/cropped-Yellowstone-Season-5-2.jpeg?w=640&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 7f96deaa97b0704746fd987b5d0aa81f158f80c3d0e17d789292751383516dda Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS hhn 2 date Thu, 10 Nov 2022 09:39:39 GMT x-content-type-options nosniff last-modified Thu, 10 Nov 2022 09:39:39 GMT server nginx etag "b5aeaf5147d3e34c" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2022/08/cropped-Yellowstone-Season-5-2.jpeg>; rel="canonical" content-length 42524 expires Sat, 09 Nov 2024 21:39:39 GMT
GET H2	200	cropped-Virgin-River-Season-5-Spoilers.webp i0.wp.com/hijackfacts.com/wp-content/uploads/2022/08/	44 KB 44 KB	31ms 30ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2022/08/cropped-Virgin-River-Season-5-Spoilers.webp?w=640&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 63da87733db16daaa6114999dd1a601bfaf29b792db95f77fdbb0664abc2b60f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS hhn 1 date Thu, 10 Nov 2022 09:39:38 GMT x-content-type-options nosniff last-modified Thu, 10 Nov 2022 09:39:38 GMT server nginx etag "706aacec5e35a872" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2022/08/cropped-Virgin-River-Season-5-Spoilers.webp>; rel="canonical" content-length 45370 expires Sat, 09 Nov 2024 21:39:38 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/	353 KB 116 KB	63ms 47ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3886227883045602 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 96e7475a8b09fc182d8c2c7eddf1a3c7f5c858374f55f51544cb2327cb5c27bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119049 x-xss-protection 0 server cafe etag 2276879535796389726 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 10 Nov 2022 09:39:39 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221108/r20190131/ Frame C02E	10 KB 5 KB	37ms 8ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221108/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3886227883045602 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 33729 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 00:17:30 GMT etag 10353107486223812946 expires Thu, 24 Nov 2022 00:17:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	g.gif pixel.wp.com/	50 B 116 B	15ms 7ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&blog=195057920&post=0&tz=0&srv=hijackfacts.com&j=1%3A11.5&host=hijackfacts.com&ref=&fcp=2245&rand=0.4719492089052202 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers access-control-allow-origin * date Thu, 10 Nov 2022 09:39:39 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET DATA	200 OK	truncated /	306 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5dca04c94ca9ce00ac27f8035781270aaefe1a48597cf9dc3cc0cd71845b254b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	/ Show response hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Frame 7650	38 KB 10 KB	357ms 357ms	Document text/html	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/amp-story-player-v0.js?ver=v0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.4.32 Resource Hash 22fa1e63e3ca9f90aeba3e108fc277ef2271f076fecd2fd014164de18869f02d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=utf-8 date Thu, 10 Nov 2022 09:39:39 GMT link <https://hijackfacts.com/wp-json/>; rel="https://api.w.org/" <https://hijackfacts.com/wp-json/web-stories/v1/web-story/27493>; rel="alternate"; type="application/json" <https://hijackfacts.com/?p=27493>; rel=shortlink platform hostinger server LiteSpeed vary Accept-Encoding x-powered-by PHP/7.4.32 x-ua-compatible IE=edge
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	397 B 701 B	58ms 17ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=hijackfacts.com&callback=_gfp_s_&client=ca-pub-3886227883045602&gpid_exp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1823e67a744fe9e35737505fb515ed1547ccd3a94e3ef1abb4cb7613927b918c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 256 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	56ms 17ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=hijackfacts.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	48ms 17ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=hijackfacts.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	44ms 44ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fhijackfacts.com%2F&tn=DIV&id=wpadminbar&cls=nojq%20nojs&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:39 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 38A6	304 KB 82 KB	1730ms 1429ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&adk=1812271804&adf=3025194257&lmt=1668073179&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fhijackfacts.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073178994&bpp=3&bdt=579&idt=124&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7357869503445&frm=20&pv=2&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d1333db52440a1400f877080c93e5c1982ac1da97d8405ae85f0d06f7e4abda4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 83346 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:40 GMT expires Thu, 10 Nov 2022 09:39:40 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	wp-emoji-release.min.js Show response hijackfacts.com/wp-includes/js/	18 KB 5 KB	147ms 147ms	Script application/x-javascript	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/wp-content/cache/autoptimize/js/autoptimize_f093596a134353e48d1c45c0f7faa82a.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 22 Jun 2022 02:20:09 GMT server LiteSpeed etag "48b9-62b27c59-4b24f2abfe51dd56;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 4572 expires Fri, 10 Nov 2023 15:39:39 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	37ms 7ms	Script text/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-200886985-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 10 Nov 2022 09:15:54 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 1425 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Thu, 10 Nov 2022 11:15:54 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	211 KB 74 KB	48ms 28ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DN2P3VKFD6&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-200886985-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 93c92af6e57a443c0c59124ab58ea2ed356b44521a539e5fdc531a01e742667c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 75946 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 10 Nov 2022 09:39:39 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	94 KB 37 KB	41ms 21ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TN46N58 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/wp-content/cache/autoptimize/js/autoptimize_f093596a134353e48d1c45c0f7faa82a.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ad2575f2e296fc77203d17991304202b86f3efaf29f46ab987398dca3ea0a5eb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37718 x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 10 Nov 2022 09:39:39 GMT
GET H3	200	js Show response www.google-analytics.com/gtm/	110 KB 43 KB	41ms 21ms	Script application/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=OPT-5PZL3K4&t=gtag_UA_200886985_1&cid=1442198975.1668073179&aip=true Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c5da53cce8b0548d4dbfe68c2a1c0017bf60112e11a0b555c5153e345f5344fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44094 x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 10 Nov 2022 09:39:39 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 347 B	45ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DN2P3VKFD6&gtm=2oeb70&_p=812062211&gdid=dZTNiMT&cid=1442198975.1668073179&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668073179&sct=1&seg=0&dl=https%3A%2F%2Fhijackfacts.com%2F&dt=HIJACKFACTS&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DN2P3VKFD6&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://hijackfacts.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	15ms 14ms	XHR text/plain	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=812062211&t=pageview&_s=1&dl=https%3A%2F%2Fhijackfacts.com%2F&ul=en-us&de=UTF-8&dt=HIJACKFACTS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChACUADRAAAACAAI~&jid=474452136&gjid=220736614&cid=1442198975.1668073179&tid=UA-200886985-1&_gid=1030389150.1668073179&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=1621599308 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://hijackfacts.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://hijackfacts.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	v0.mjs Show response cdn.ampproject.org/ Frame 7650	221 KB 62 KB	57ms 38ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.mjs Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2bce320185a8a70ff9b9d8ee5a8b6291776628664cd7e0d83967ca43264af4e3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63061 x-xss-protection 0 server sffe etag "ab397d4db7259cb5" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:39 GMT
GET H3	200	amp-story-1.0.js Show response cdn.ampproject.org/v0/ Frame 7650	219 KB 49 KB	39ms 22ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-story-1.0.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7dc6d09bc14fbf814250c83d0fb8b8306d76af98e320aa6ee0c2560327171aa4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49700 x-xss-protection 0 server sffe etag "1653444d36135f75" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:39 GMT
GET H3	200	Yellowstone-Season-5.jpeg hijackfacts.com/wp-content/uploads/2022/08/ Frame 7650	132 KB 132 KB	143ms 142ms	Image image/jpeg	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://hijackfacts.com/wp-content/uploads/2022/08/Yellowstone-Season-5.jpeg Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f607f1e99dfbcfd340f00984a60ae67477ef6a5ad72a73df57b5974558d0c1ea Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:39 GMT content-security-policy upgrade-insecure-requests last-modified Mon, 08 Aug 2022 22:08:53 GMT server LiteSpeed etag "20e7a-62f18975-bbc7e378ee8e822;;;" content-type image/jpeg cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 134778 expires Fri, 10 Nov 2023 15:39:39 GMT
GET H3	200	amp-story-1.0.mjs Show response cdn.ampproject.org/v0/ Frame 7650	197 KB 45 KB	37ms 22ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-story-1.0.mjs Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a11694808054da9ea20d5c67162960c0db5e24baa872f2755153162982a043 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46214 x-xss-protection 0 server sffe etag "b5a88437dbc70db1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:39 GMT
GET H3	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/v0/ Frame 7650	94 KB 28 KB	51ms 35ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-analytics-0.1.mjs Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c7368172b4bd698c91af60f5a0df8b16eb762449cd23f99f96a0997085bb0a8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28892 x-xss-protection 0 server sffe etag "c1a0de186712e04f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:39 GMT
GET H3	200	amp-story-auto-ads-0.1.mjs Show response cdn.ampproject.org/v0/ Frame 7650	58 KB 18 KB	31ms 16ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-story-auto-ads-0.1.mjs Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae375e7947911734bc0597f481e8268c6ad928c1527b387606cfe58284288fd4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18664 x-xss-protection 0 server sffe etag "9ea831ca317d277f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:39 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame 7650	2 KB 1 KB	47ms 19ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?display=swap&family=Roboto Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Nov 2022 09:39:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:02:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Nov 2022 09:39:39 GMT
GET H3	200	amp-story-1.0.css cdn.ampproject.org/v0/ Frame 7650	22 KB 4 KB	53ms 41ms	Stylesheet text/css	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-story-1.0.css Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/yellowstone-season-5-will-flick-the-fate-of-john-and-beth-dutton/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18ec094361e2a331611687b1cc61e74ae95ac9fc1a41326a5479840e92e8614d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4005 x-xss-protection 0 server sffe etag "2a19e542c8f20644" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:39 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 7650	15 KB 16 KB	36ms 8ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Roboto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 01:15:16 GMT x-content-type-options nosniff age 116663 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Nov 2023 01:15:16 GMT
GET H3	200	amp-viewer-integration-0.1.mjs Show response cdn.ampproject.org/rtv/012210272257000/v0/ Frame 7650	30 KB 10 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012210272257000/v0/amp-viewer-integration-0.1.mjs Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acf70d236d78f3e398c0f83c8c7c6b25ecc871f9e04adbe337aab7a6fd8015d4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 08 Nov 2022 19:46:14 GMT age 136405 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10693 x-xss-protection 0 server sffe etag "4b3b139af07aaa96" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 08 Nov 2023 19:46:14 GMT
GET H3	200	amp-story.en.json Show response cdn.ampproject.org/rtv/012210272257000/v0/ Frame 7650	1 KB 577 B	15ms 15ms	Fetch application/json	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012210272257000/v0/amp-story.en.json?__amp_source_origin=https%3A%2F%2Fhijackfacts.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 66882bb0c785a4eb8ed4f76c06c33d3560b6f40cd1f4a213f165932f89fca690 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer https://hijackfacts.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 548 x-xss-protection 0 server sffe etag "dd905a3f3fe98e12" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type application/json access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 10 Nov 2023 09:39:39 GMT
GET DATA	200 OK	truncated / Frame 7650	334 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f6a33c4065ed711ca461e2cdf96071ee683ad3ba2be779c4cc9c2628c06e88a5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated / Frame 7650	290 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a5eb42fcea696e8de6ccc99237733b9143df73ce0fa7311d17b52641d9f913a3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	/ Show response hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Frame 26BC	41 KB 11 KB	341ms 340ms	Document text/html	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/amp-story-player-v0.js?ver=v0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.4.32 Resource Hash 0a24a6bd7d307a5234a002eeec8bbb4e020f1f6f50b26e3cf1ce5a0c90e0d2ce Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=utf-8 date Thu, 10 Nov 2022 09:39:40 GMT link <https://hijackfacts.com/wp-json/>; rel="https://api.w.org/" <https://hijackfacts.com/wp-json/web-stories/v1/web-story/27479>; rel="alternate"; type="application/json" <https://hijackfacts.com/?p=27479>; rel=shortlink platform hostinger server LiteSpeed vary Accept-Encoding x-powered-by PHP/7.4.32 x-ua-compatible IE=edge
GET H3	200	v0.mjs Show response cdn.ampproject.org/ Frame 26BC	221 KB 62 KB	30ms 29ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.mjs Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2bce320185a8a70ff9b9d8ee5a8b6291776628664cd7e0d83967ca43264af4e3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63061 x-xss-protection 0 server sffe etag "ab397d4db7259cb5" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:40 GMT
GET H3	200	amp-story-1.0.js Show response cdn.ampproject.org/v0/ Frame 26BC	219 KB 49 KB	20ms 17ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-story-1.0.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7dc6d09bc14fbf814250c83d0fb8b8306d76af98e320aa6ee0c2560327171aa4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49700 x-xss-protection 0 server sffe etag "1653444d36135f75" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:40 GMT
GET H3	200	Virgin-River-Season-5-Spoilers.webp hijackfacts.com/wp-content/uploads/2022/08/ Frame 26BC	128 KB 128 KB	143ms 142ms	Image image/webp	2a02:4780:b:846:0:2a1d:62da:3 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://hijackfacts.com/wp-content/uploads/2022/08/Virgin-River-Season-5-Spoilers.webp Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:846:0:2a1d:62da:3 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 5a3f4217863c607fa470926ee6f276c7e2b88def951b2ded87ed769a297c78c2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:40 GMT content-security-policy upgrade-insecure-requests last-modified Mon, 08 Aug 2022 21:36:59 GMT server LiteSpeed etag "1fffe-62f181fb-101eb5303badc4b2;;;" content-type image/webp cache-control public, max-age=31557600 accept-ranges bytes platform hostinger content-length 131070 expires Fri, 10 Nov 2023 15:39:40 GMT
GET H3	200	amp-story-1.0.mjs Show response cdn.ampproject.org/v0/ Frame 26BC	197 KB 45 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-story-1.0.mjs Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a11694808054da9ea20d5c67162960c0db5e24baa872f2755153162982a043 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46214 x-xss-protection 0 server sffe etag "b5a88437dbc70db1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:40 GMT
GET H3	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/v0/ Frame 26BC	94 KB 28 KB	30ms 29ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-analytics-0.1.mjs Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c7368172b4bd698c91af60f5a0df8b16eb762449cd23f99f96a0997085bb0a8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28892 x-xss-protection 0 server sffe etag "c1a0de186712e04f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:40 GMT
GET H3	200	amp-story-auto-ads-0.1.mjs Show response cdn.ampproject.org/v0/ Frame 26BC	58 KB 18 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-story-auto-ads-0.1.mjs Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae375e7947911734bc0597f481e8268c6ad928c1527b387606cfe58284288fd4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18664 x-xss-protection 0 server sffe etag "9ea831ca317d277f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:40 GMT
GET H3	200	css2 fonts.googleapis.com/ Frame 26BC	4 KB 636 B	36ms 19ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?display=swap&family=Roboto%3Awght%40400%3B700 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Nov 2022 09:39:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:00:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Nov 2022 09:39:40 GMT
GET H3	200	amp-story-1.0.css cdn.ampproject.org/v0/ Frame 26BC	22 KB 4 KB	26ms 24ms	Stylesheet text/css	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-story-1.0.css Requested by Host: hijackfacts.com URL: https://hijackfacts.com/web-stories/virgin-river-season-5-spoilers/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18ec094361e2a331611687b1cc61e74ae95ac9fc1a41326a5479840e92e8614d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 10 Nov 2022 09:39:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4005 x-xss-protection 0 server sffe etag "2a19e542c8f20644" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 10 Nov 2022 09:39:40 GMT
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 26BC	15 KB 16 KB	24ms 7ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Roboto%3Awght%40400%3B700 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:44:52 GMT x-content-type-options nosniff age 233688 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 16:44:52 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 26BC	15 KB 15 KB	24ms 9ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?display=swap&family=Roboto%3Awght%40400%3B700 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 01:15:16 GMT x-content-type-options nosniff age 116664 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Nov 2023 01:15:16 GMT
GET H3	200	amp-viewer-integration-0.1.mjs Show response cdn.ampproject.org/rtv/012210272257000/v0/ Frame 26BC	30 KB 10 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012210272257000/v0/amp-viewer-integration-0.1.mjs Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acf70d236d78f3e398c0f83c8c7c6b25ecc871f9e04adbe337aab7a6fd8015d4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 08 Nov 2022 19:46:14 GMT age 136406 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10693 x-xss-protection 0 server sffe etag "4b3b139af07aaa96" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 08 Nov 2023 19:46:14 GMT
GET H3	200	amp-story.en.json Show response cdn.ampproject.org/rtv/012210272257000/v0/ Frame 26BC	1 KB 578 B	12ms 11ms	Fetch application/json	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012210272257000/v0/amp-story.en.json?__amp_source_origin=https%3A%2F%2Fhijackfacts.com Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 66882bb0c785a4eb8ed4f76c06c33d3560b6f40cd1f4a213f165932f89fca690 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept application/json Referer https://hijackfacts.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 10 Nov 2022 09:39:39 GMT age 1 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 548 x-xss-protection 0 server sffe etag "dd905a3f3fe98e12" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type application/json access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 10 Nov 2023 09:39:39 GMT
GET DATA	200 OK	truncated / Frame 26BC	334 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f6a33c4065ed711ca461e2cdf96071ee683ad3ba2be779c4cc9c2628c06e88a5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated / Frame 26BC	290 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a5eb42fcea696e8de6ccc99237733b9143df73ce0fa7311d17b52641d9f913a3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	42ms 25ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1b477fc6a04cefdd4afa1d80a0e1bc8d00f736e37b545e83971393cdb48b3696 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11184 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/	150 KB 51 KB	29ms 29ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 82b9b05bfac4dab90613ac08453687db4f21643cb2e10ea6a181c20ae3299fb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:40 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52268 x-xss-protection 0 server cafe etag 11088482132222370204 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 10 Nov 2022 09:39:40 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-3886227883045602&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=3&wpc=ca-pub-3886227883045602&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20221107_093517&sat=1667952043860&afm=0&as_count=0&d_count=0&ng_count=0&am_count=3&atf_count=0&mdns=0&alldns=0.217&allp=8&fd=(0%2C1%2C1)%2C(1%2C3%2C3)%2C(2%2C0%2C0)&pgh=6945&abl=false&rr=n&su=hijackfacts.com&pvc=2684567859538857&r=0.1&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	35ms 18ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=hijackfacts.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:40 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	34ms 17ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=hijackfacts.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:40 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame F848	113 KB 43 KB	538ms 538ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2fc04df7c2e40a9e3fc309f16d5d4838788d60b9ccdbbbed6dacbd814037edf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 44044 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT expires Thu, 10 Nov 2022 09:39:41 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 11B7	113 KB 43 KB	430ms 430ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash eac26aafee92174e5e6a83ab254159462205baf8aff9251130e1b8e0709095d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 43870 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT expires Thu, 10 Nov 2022 09:39:41 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	97ms 67ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-3886227883045602&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/ Frame 391F	10 KB 4 KB	8ms 8ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 47504 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 09 Nov 2022 20:27:56 GMT etag 10353107486223812946 expires Wed, 23 Nov 2022 20:27:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/ Frame 8131	10 KB 4 KB	10ms 9ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3886227883045602&plah=hijackfacts.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 47504 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 09 Nov 2022 20:27:56 GMT etag 10353107486223812946 expires Wed, 23 Nov 2022 20:27:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	css2 fonts.googleapis.com/ Frame 391F	4 KB 636 B	18ms 18ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:03:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Nov 2022 09:39:41 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 391F	205 B 742 B	33ms 9ms	Image image/png	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:10:57 GMT x-content-type-options nosniff age 1724 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 10 Nov 2023 09:10:57 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 391F	604 B 693 B	33ms 9ms	Image image/png	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:36:40 GMT x-content-type-options nosniff age 181 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 10 Nov 2023 09:36:40 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/elements/html/ Frame 391F	19 KB 8 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0eb4e391405f5cdf4295af82759acbbc910417075f3ba2a81021fc043a11df4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:09:39 GMT content-encoding br x-content-type-options nosniff age 55802 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8054 x-xss-protection 0 server cafe etag 16317647862241481574 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:09:39 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Show response tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	5 KB 2 KB	31ms 9ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 011c55b3fa308ffbcf9355a57dbf6933658d7807626e88ee8edc39e39a70fa4b Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 550844 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 1724 content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" cross-origin-resource-policy cross-origin date Fri, 04 Nov 2022 00:38:57 GMT expires Sat, 04 Nov 2023 00:38:57 GMT last-modified Tue, 25 Oct 2022 13:37:07 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 8131	0 0	54ms 53ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CQbZY28ZsY-6bHJSP1waw0Ju4CJ-aw5VtkZjV2qgQjZ_hivQKEAEgjKzMhwFglYKJgpgHoAHHxOz3A8gBCagDAcgDSKoE2wFP0Dy-tUpEYN3rEQIGzpiZenpsUno_ghPJeouvsMFsMqMBryCzxIL_wMIkK59ist39ZtTMmARFtxD75Wrk7vouuNLQwcgzY_2JCi1QCUWHIFxt6Hz5OqLGH6WJMFv7Ekd0xTEkTbl9ElCEAiLvuyG2F8Ea6dwMTvHIy7kT-1k2voMvRf6Vi8-iOCPczT-h5Eq9KfAIloDxW4Yd85WLPxMldpm62dh0XqikR2xhB-mkJueSXX5cPm-mpkv20F5f2qlV7nVBdwr7lkYy454gI46SwLSX58Yi7GcyyOvABMH63LiHBJIFBAgEGAGSBQQIBRgEoAYugAf_sLjdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEObpoQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0zODg2MjI3ODgzMDQ1NjAyGAA&sigh=igLA1QjABys&uach_m=[UACH]&cid=CAQSGwDq26N9g8_ns83pmcWu2kNnGbaRRCeAKB9akhgBIBM&template_id=419 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 10 Nov 2022 09:39:41 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame 8131	23 KB 9 KB	28ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:00:05 GMT content-encoding br x-content-type-options nosniff age 56376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9353 x-xss-protection 0 server cafe etag 2177555007986509113 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:00:05 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame FAD4	2 KB 765 B	7ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:05:29 GMT content-encoding br x-content-type-options nosniff age 56052 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:05:29 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame FAD4	23 KB 9 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:00:05 GMT content-encoding br x-content-type-options nosniff age 56376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9353 x-xss-protection 0 server cafe etag 2177555007986509113 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:00:05 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame FAD4	3 KB 1 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:01:10 GMT content-encoding br x-content-type-options nosniff age 56311 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:01:10 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame FAD4	18 KB 7 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:00:05 GMT content-encoding br x-content-type-options nosniff age 56376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7380 x-xss-protection 0 server cafe etag 12918171938167859976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:00:05 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame FAD4	154 KB 48 KB	58ms 26ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48226 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1667997631252355" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	f7733d2b54a65c984752ab0a98c7def9.js Show response www.gstatic.com/mysidia/ Frame FAD4	34 KB 14 KB	26ms 8ms	Script text/javascript	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 01:22:59 GMT content-encoding gzip x-content-type-options nosniff age 116202 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Fri, 04 Nov 2022 08:03:27 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 07 Feb 2023 01:22:59 GMT
GET H3	200	exitapi-impl.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2D47	6 KB 3 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 13:44:20 GMT content-encoding br x-content-type-options nosniff age 71721 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2551 x-xss-protection 0 server cafe etag 4618035238173732404 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Thu, 10 Nov 2022 13:44:20 GMT
GET H3	200	addata.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2D47	34 KB 13 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 09:40:58 GMT content-encoding br x-content-type-options nosniff age 86323 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13035 x-xss-protection 0 server cafe etag 2319883687766034370 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Thu, 10 Nov 2022 09:40:58 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.css tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	8 KB 2 KB	12ms 11ms	Stylesheet text/css	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.css Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 780d403a1613351c75212aa0cf90a589620df9f25c999a5a58a5d7269b179af6 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' content-encoding gzip x-content-type-options nosniff date Fri, 04 Nov 2022 00:35:38 GMT age 551043 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1772 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe vary Accept-Encoding report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 04 Nov 2023 00:35:38 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90_media_query.css tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	433 B 218 B	11ms 10ms	Stylesheet text/css	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90_media_query.css Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 82a66857df1a6a343f72ea9e41b3dc46ff03ed8ecaa3f6c1e50f29c3b335339a Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' content-encoding gzip x-content-type-options nosniff date Wed, 09 Nov 2022 11:15:27 GMT age 80654 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 188 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe vary Accept-Encoding report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 11:15:27 GMT
GET H3	200	css fonts.googleapis.com/ Frame 2D47	10 KB 758 B	18ms 17ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900 Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:09:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_dell_logo_728x90.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	4 KB 4 KB	10ms 9ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_dell_logo_728x90.png Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 07f42afae76a6a0f6bae6118261e2ac6c3c74b59d77f844edb8b5e6d2138757d Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Wed, 09 Nov 2022 11:15:27 GMT x-content-type-options nosniff age 80654 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4119 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 11:15:27 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_funding_728x90.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	8 KB 8 KB	19ms 17ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_funding_728x90.png Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aa17151ef2143246cffd8557799b596177bb0a70bba81cb032d92afe566aa08e Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Wed, 09 Nov 2022 11:15:27 GMT x-content-type-options nosniff age 80654 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7997 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 11:15:27 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_pro_f1_728x90.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	20 KB 20 KB	15ms 13ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_pro_f1_728x90.png Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d5656f4916035e88ac9682c3787c0acedf9b69424b8a2b11de64039f9ee6e43 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Wed, 09 Nov 2022 19:12:18 GMT x-content-type-options nosniff age 52043 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20327 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 19:12:18 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_img_f2_728x90.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	18 KB 18 KB	23ms 22ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_img_f2_728x90.jpg Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 773f74f15598a16b34101221ec688aaa5e27e065d07bd4058ff2bd5bf64e2538 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Wed, 09 Nov 2022 19:17:16 GMT x-content-type-options nosniff age 51745 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18724 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 19:17:16 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_pro_f3_728x90.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	23 KB 23 KB	20ms 19ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_pro_f3_728x90.png Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c4a77095865bc40917b00c122677383a3fdc1f09150b74585938f7fd36c58f8f Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Wed, 09 Nov 2022 11:15:27 GMT x-content-type-options nosniff age 80654 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23159 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 11:15:27 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_viof5_728x90.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	3 KB 3 KB	18ms 17ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_viof5_728x90.png Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8138069002779a85c327fc4dc458435e1778d1dbcd14590bd37b83291de81948 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Wed, 09 Nov 2022 11:15:27 GMT x-content-type-options nosniff age 80654 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2937 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 11:15:27 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_pro_f4_728x90.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	20 KB 20 KB	21ms 20ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_pro_f4_728x90.png Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6db5e9a8ea58f2c37aeaa51f0f6e25ef46c3ff86a52b053adda3b512e1673c66 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Thu, 03 Nov 2022 12:11:25 GMT x-content-type-options nosniff age 595696 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20721 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 03 Nov 2023 12:11:25 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_viof4_728x90.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	3 KB 3 KB	13ms 12ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_viof4_728x90.png Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 981678b458fa27d4ca51f0d158ae255de3550babad90ac2e0252d10673f53a48 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Wed, 09 Nov 2022 11:15:27 GMT x-content-type-options nosniff age 80654 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2946 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 11:15:27 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_pro_f5_728x90.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	30 KB 30 KB	15ms 14ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_pro_f5_728x90.png Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b210fcd6f3b38a264e3b5d026730ae4deeffecd95b27c41d630e95d937a11204 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' date Wed, 09 Nov 2022 11:15:27 GMT x-content-type-options nosniff age 80654 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30547 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 11:15:27 GMT
GET H2	200	tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 2D47	105 KB 36 KB	40ms 14ms	Script text/javascript	2a00:1450:4001:802::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35824 x-xss-protection 0 last-modified Fri, 09 Oct 2015 14:01:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.js Show response tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/ Frame 2D47	3 KB 860 B	8ms 8ms	Script application/x-javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8213494209652613938/cs2204g0024_081_645921_de_cs_csb_fy23q4w1_oa_bfsneakpeak_iab_initiative_728x90.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 629cb66904101909393c2467dd674ba0788c781f30724e289668c9a361308506 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' content-encoding gzip x-content-type-options nosniff date Wed, 09 Nov 2022 11:15:27 GMT age 80654 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 829 x-xss-protection 0 last-modified Tue, 25 Oct 2022 13:37:07 GMT server sffe vary Accept-Encoding report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 09 Nov 2023 11:15:27 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 826C	13 KB 5 KB	9ms 7ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 7141 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 07:40:40 GMT expires Fri, 10 Nov 2023 07:40:40 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame BA4A	783 B 1 KB	41ms 19ms	Document text/html	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9ab2dab1b62e2aa787c077ec4c64ff7cf85798b8cdf96a0af3dcd009d0d8bee3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-BTsyPFf7yUtJexRyxtgz-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://hijackfacts.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-BTsyPFf7yUtJexRyxtgz-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT expires Thu, 10 Nov 2022 09:39:41 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 8B9A	143 B 166 B	7ms 7ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1455 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:15:26 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 8131	3 KB 1 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:01:10 GMT content-encoding br x-content-type-options nosniff age 56311 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:01:10 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 8131	18 KB 7 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:00:05 GMT content-encoding br x-content-type-options nosniff age 56376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7380 x-xss-protection 0 server cafe etag 12918171938167859976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:00:05 GMT
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 2D47	15 KB 16 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin null accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:44:52 GMT x-content-type-options nosniff age 233689 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 16:44:52 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 2D47	15 KB 15 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin null accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 01:15:16 GMT x-content-type-options nosniff age 116665 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Nov 2023 01:15:16 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8131	154 KB 47 KB	33ms 17ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48226 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1667997631252355" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 10 Nov 2022 09:39:41 GMT
GET DATA	200 OK	truncated / Frame 8131	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 95168b9c71a4436a874ce06b03fe722231a25f93fcf7178dac0ab8fa735ceae3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 8B9A Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	33ms 33ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221108/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT expires Thu, 10 Nov 2022 09:39:41 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response pagead2.googlesyndication.com/bg/ Frame 826C	36 KB 16 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 04 Nov 2022 20:03:58 GMT content-encoding gzip x-content-type-options nosniff age 480943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16010 x-xss-protection 0 last-modified Thu, 03 Nov 2022 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Nov 2023 20:03:58 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame BA4A	0 0	41ms 40ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=2684567859538857&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers
GET H3	200	api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response pagead2.googlesyndication.com/bg/ Frame F9B8	36 KB 16 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 04 Nov 2022 20:03:58 GMT content-encoding gzip x-content-type-options nosniff age 480943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16010 x-xss-protection 0 last-modified Thu, 03 Nov 2022 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Nov 2023 20:03:58 GMT
GET H3	200	api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response pagead2.googlesyndication.com/bg/ Frame 2D47	36 KB 16 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 04 Nov 2022 20:03:58 GMT content-encoding gzip x-content-type-options nosniff age 480943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16010 x-xss-protection 0 last-modified Thu, 03 Nov 2022 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Nov 2023 20:03:58 GMT
GET H3	200	css fonts.googleapis.com/ Frame 11B7	6 KB 672 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Nov 2022 08:01:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	css fonts.googleapis.com/ Frame 11B7	6 KB 672 B	38ms 36ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500&text= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:25:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	m_js_controller_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 11B7	35 KB 14 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/m_js_controller_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 33fbda0add53b78038dd861a1dc579416a720e93c47ece1779e2cb5ccc06e8af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 00:52:30 GMT content-encoding br x-content-type-options nosniff age 31631 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14054 x-xss-protection 0 server cafe etag 8116570998347490098 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 24 Nov 2022 00:52:30 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 11B7	154 KB 47 KB	25ms 23ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48226 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1667997631252355" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame 11B7	23 KB 9 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:00:05 GMT content-encoding br x-content-type-options nosniff age 56376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9353 x-xss-protection 0 server cafe etag 2177555007986509113 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:00:05 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 11B7	3 KB 1 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:01:10 GMT content-encoding br x-content-type-options nosniff age 56311 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:01:10 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 11B7	18 KB 7 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:00:05 GMT content-encoding br x-content-type-options nosniff age 56376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7380 x-xss-protection 0 server cafe etag 12918171938167859976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:00:05 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 11B7	0 0	19ms 16ms	Image text/html	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrlBqG2gRo-XqR4rU9oxwwqw34edyvZ7FVsiTPb2H54bV2mDZ6U-aMQPHNZCN98hXmUw0EGZoI1wMDJk5H7qaGODsl8w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 826C	0 12 B	12ms 11ms	Image text/plain	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?d8YPdg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/8527955960120408101/ Frame 11B7	142 KB 142 KB	40ms 40ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8527955960120408101/downsize_200k_v1?sqp=4sqPyQSHAUKEAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mgsw5AU45AVFAACAPw&rs=AOga4qmt84fuLS8xc_-d7QgUnOYYmhBFBA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a224e6abd322cd44ef13603ac6cabd8efe40cc027d6b47cc69d38bb6256f2ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144981 x-xss-protection 0 last-modified Wed, 05 May 2021 14:37:55 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 10 Nov 2023 09:39:41 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 11B7	0 0	54ms 53ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CXPxF3MZsY-CdO8uitweApqagA6nphelsyf3o5d0Kt8uivcABEAEgjKzMhwFglYKJgpgHoAH__Yy2A8gBBqkCztGnWJjSsD6oAwHIA8sEqgTjAU_QxTdjdHUubOKRPIYCPpnAZbSXdW17Io41yr17GxsuRxw0onTwhDkue8LfeK6kVFUi6v8yqkI7-WqQdNyUZe6qHUtNSilkxRFBrhDAZwD6Y635UgU5wg0t9bd3G9nU4vlGjtf2rsBWhu1gRVMt3Z43huh-PitDnyvdBu7g6pFsAFLoszckYi14X48WE0kdWze0H1m-4hLZDQogOn6PO3L_8pQJZHBZAW0lIn7SYWfJ76Gv9aOJQgfunLUxUDpUEkrKdF1ReynwEEiQ-KzRrXFHJSsROxQYWJWL4mb7ErGt_Z4GwATn64CxxQKSBQQIBBgBkgUECAUYBKAGN4AH6YHzSagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENnsEdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMLiBQa0BUBmBYBgBcBshccChoIABIUcHViLTM4ODYyMjc4ODMwNDU2MDIYAA&sigh=fE7iD3ez8Mw&uach_m=[UACH]&cid=CAQSOwDq26N9RrhXyuc1DidkAty-tOzX0JOHQ3mnCujL85sdnMEVsBaVmel9GCT8EPG9kX8bXd--0m5FKas4GAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 10 Nov 2022 09:39:41 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 0C89	143 B 166 B	9ms 7ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1455 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:15:26 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 9025	1 KB 643 B	8ms 8ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 73614 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 09 Nov 2022 13:12:47 GMT etag 48472445140208031 expires Thu, 10 Nov 2022 13:12:47 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	css fonts.googleapis.com/ Frame F848	6 KB 672 B	18ms 16ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Nov 2022 07:45:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	css fonts.googleapis.com/ Frame F848	6 KB 672 B	18ms 17ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500&text= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Nov 2022 09:11:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	m_js_controller_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame F848	35 KB 14 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/m_js_controller_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 33fbda0add53b78038dd861a1dc579416a720e93c47ece1779e2cb5ccc06e8af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 00:52:30 GMT content-encoding br x-content-type-options nosniff age 31631 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14054 x-xss-protection 0 server cafe etag 8116570998347490098 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 24 Nov 2022 00:52:30 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F848	154 KB 47 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48226 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1667997631252355" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 10 Nov 2022 09:39:41 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame F848	23 KB 9 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:00:05 GMT content-encoding br x-content-type-options nosniff age 56376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9353 x-xss-protection 0 server cafe etag 2177555007986509113 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:00:05 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame F848	3 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:01:10 GMT content-encoding br x-content-type-options nosniff age 56311 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:01:10 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame F848	18 KB 7 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Wed, 09 Nov 2022 18:00:05 GMT content-encoding br x-content-type-options nosniff age 56376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7380 x-xss-protection 0 server cafe etag 12918171938167859976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 23 Nov 2022 18:00:05 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame F848	0 0	16ms 15ms	Image text/html	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-Y8qEzEBICxvMtkmgQn8vqdy9OA8xtKfpYLoDajm0sKO1wcXtHgat2V3HH2w-FEjotxGmRjdWCetR-AKj4827VsDklQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 11B7	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 26719115abae15cdeef0541683dd6cceefdf012bad90302d97a450ea130e442e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/png
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 11B7	16 KB 16 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 03 Nov 2022 11:59:40 GMT x-content-type-options nosniff age 596401 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 03 Nov 2023 11:59:40 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9025 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIF8bFoAMDX0ijkgC9eCez0&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIF8bFoAMDX0ijkgC9eCez0&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c1E2SzVuMUUxT1Q0Mjk1&google_gid=CAESEIF8bFoAMDX0ijkgC9eCez0&google_cver=1&google_push=ASkJ3Fbl3Nz3KDGBlgHTt_Dh703rpvDQWawrpKYF3jH-L0M...	170 B 188 B	27ms 26ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c1E2SzVuMUUxT1Q0Mjk1&google_gid=CAESEIF8bFoAMDX0ijkgC9eCez0&google_cver=1&google_push=ASkJ3Fbl3Nz3KDGBlgHTt_Dh703rpvDQWawrpKYF3jH-L0Mpz99xhXeaSFdbDW7NrqaS8razRfTliVfdDwR22srb2xbxG9Tk65rHRw Protocol H3 Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 10 Nov 2022 09:39:40 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0eed724e77eae7a40@eu-central-1b@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c1E2SzVuMUUxT1Q0Mjk1&google_gid=CAESEIF8bFoAMDX0ijkgC9eCez0&google_cver=1&google_push=ASkJ3Fbl3Nz3KDGBlgHTt_Dh703rpvDQWawrpKYF3jH-L0Mpz99xhXeaSFdbDW7NrqaS8razRfTliVfdDwR22srb2xbxG9Tk65rHRw Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 9025 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEEyrT0PBmUKRfDHNdSl9x8A&google_cver=1&google_push=ASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDc... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEyrT0PBmUKRfDHNdSl9x8A&google_cver=1&google_push=ASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyW...	43 B 419 B	195ms 183ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEyrT0PBmUKRfDHNdSl9x8A&google_cver=1&google_push=ASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDcQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDcQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 767dd28a2d339a30-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 739 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEyrT0PBmUKRfDHNdSl9x8A&google_cver=1&google_push=ASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDcQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaPRwOZ9og_5OIENiuTLxXivWGLhj0splwzyz1Ahlsb3xFvlfmmOA7IDXpmRnPstAPO_rlNzNna6hsERaiaQXoZXdAOvyWDcQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 767dd2890a3e9a30-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9025 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENChBVb4-tkC2_Q5sLOcvgU&google_cver=1&google_push=ASkJ3FYz2ZafxEGhb474WQclJ1OI_U5W72cg3B_RIEF708E44SFnKJj8ctQPBpn3KgTEGWSdGUZjj0G6VIGPhE... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NDMxOTc1OTc0MjY2Mjc5OQ%3D%3D&google_push=ASkJ3FYz2ZafxEGhb474WQclJ1OI_U5W72cg3B_RIEF708E44SFnKJj8ctQPBpn3KgTEGWSdGUZjj0G6VIGPhEhsKq...	170 B 188 B	47ms 28ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NDMxOTc1OTc0MjY2Mjc5OQ%3D%3D&google_push=ASkJ3FYz2ZafxEGhb474WQclJ1OI_U5W72cg3B_RIEF708E44SFnKJj8ctQPBpn3KgTEGWSdGUZjj0G6VIGPhEhsKqajMTTCft7DBw Protocol H3 Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NDMxOTc1OTc0MjY2Mjc5OQ%3D%3D&google_push=ASkJ3FYz2ZafxEGhb474WQclJ1OI_U5W72cg3B_RIEF708E44SFnKJj8ctQPBpn3KgTEGWSdGUZjj0G6VIGPhEhsKqajMTTCft7DBw Date Thu, 10 Nov 2022 09:39:41 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9025 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEN9GGO79qk_yxQPe0AdgAM4&google_cver=1&google_push=ASkJ3FZ8NLU4Plq18yQLPOfmSSt5tlKwHzSnjhlplSl9XDECicVn4zid909LewhtvAfWyEEKAI8Ci6_VJQ6WDFL0... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LdzpL_DjSQm7e9kxmq7gwQ2&google_push=ASkJ3FZ8NLU4Plq18yQLPOfmSSt5tlKwHzSnjhlplSl9XDECicVn4zid909LewhtvAfWyEEKAI8Ci6_VJQ6WDFL0Tij-2t-ar8bQPA	170 B 188 B	45ms 29ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LdzpL_DjSQm7e9kxmq7gwQ2&google_push=ASkJ3FZ8NLU4Plq18yQLPOfmSSt5tlKwHzSnjhlplSl9XDECicVn4zid909LewhtvAfWyEEKAI8Ci6_VJQ6WDFL0Tij-2t-ar8bQPA Protocol H3 Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 10 Nov 2022 09:39:41 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LdzpL_DjSQm7e9kxmq7gwQ2&google_push=ASkJ3FZ8NLU4Plq18yQLPOfmSSt5tlKwHzSnjhlplSl9XDECicVn4zid909LewhtvAfWyEEKAI8Ci6_VJQ6WDFL0Tij-2t-ar8bQPA x-host tde-deliveryengine-production-58d9d44577-p7n6k alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9025 Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHlGbm8CwrKKgenU0jBq6lc&google_cver=1&google_push=ASkJ3FbrRq2gpIXxpOtev3sMj1r8Ua99_yWMJ1hLfPLQ0CDdyEt6S7SlJ-rZY7qXNuCt1TkqUUwG-buEBtHqs_D8UgrE... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHlGbm8CwrKKgenU0jBq6lc&google_cver=1&google_push=ASkJ3FbrRq2gpIXxpOtev3sMj1r8Ua99_yWMJ1hLfPLQ0CDdyEt6S7SlJ-rZY7qXNuCt1TkqUUwG-buEBtHqs_... https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=438a8b37-77c6-44f3-b517-cd69ea6fb7bd&ssp=google https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbrRq2gpIXxpOtev3sMj1r8Ua99_yWMJ1hLfPLQ0CDdyEt6S7SlJ-rZY7qXNuCt1TkqUUwG-buEBtHqs_D8UgrE9Nd--X5vDw&google_hm=lLEsha8oQA259MPLcpLqIQ==	170 B 188 B	19ms 18ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbrRq2gpIXxpOtev3sMj1r8Ua99_yWMJ1hLfPLQ0CDdyEt6S7SlJ-rZY7qXNuCt1TkqUUwG-buEBtHqs_D8UgrE9Nd--X5vDw&google_hm=lLEsha8oQA259MPLcpLqIQ== Protocol H3 Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbrRq2gpIXxpOtev3sMj1r8Ua99_yWMJ1hLfPLQ0CDdyEt6S7SlJ-rZY7qXNuCt1TkqUUwG-buEBtHqs_D8UgrE9Nd--X5vDw&google_hm=lLEsha8oQA259MPLcpLqIQ== Date Thu, 10 Nov 2022 09:39:41 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9025 Redirect Chain https://match.360yield.com/match/ebda?google_gid=CAESEDPlD2pu25PvoopAeR-KLzY&google_cver=1&google_push=ASkJ3FbQq1-DjTjnFqFcQab89YNHOVHQPp3aCwbTrXNjJLiec1wCXWcgxC_T3TtrD2VXcKYjH09OGR6XFhsrVsDsMUTiSJ... https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDPlD2pu25PvoopAeR-KLzY&google_cver=1&google_push=ASkJ3FbQq1-DjTjnFqFcQab89YNHOVHQPp3aCwbTrXNjJLiec1wCXWcgxC_T3TtrD2VXcKYjH09OGR6XFhsrVsDs... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Nzq8_ROR5GBqyW_IiUIXw&google_push=ASkJ3FbQq1-DjTjnFqFcQab89YNHOVHQPp3aCwbTrXNjJLiec1wCXWcgxC_T3TtrD2VXcKYjH09OGR6XFhsrVsD...	170 B 188 B	18ms 17ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Nzq8_ROR5GBqyW_IiUIXw&google_push=ASkJ3FbQq1-DjTjnFqFcQab89YNHOVHQPp3aCwbTrXNjJLiec1wCXWcgxC_T3TtrD2VXcKYjH09OGR6XFhsrVsDsMUTiSJkus9fPFw Protocol H3 Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1Nzq8_ROR5GBqyW_IiUIXw&google_push=ASkJ3FbQq1-DjTjnFqFcQab89YNHOVHQPp3aCwbTrXNjJLiec1wCXWcgxC_T3TtrD2VXcKYjH09OGR6XFhsrVsDsMUTiSJkus9fPFw access-control-allow-origin * date Thu, 10 Nov 2022 09:39:41 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	200 OK	sync ssbsync.smartadserver.com/api/ Frame 9025	0 75 B	127ms 24ms	Image text/plain	185.86.137.107 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBxl83DiPLGEZDikQJ8EjJE&google_cver=1&google_push=ASkJ3FauI8LL9N51CVjfdjmKYTWfgJtPHaqAGzObKxiRON0XhhFNWkrckja783CZ83k5_RI8NWfvMs7q07zil6cBnCV3jywjO3VCNw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT content-length 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 9025	0 223 B	59ms 16ms	Image text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_h1iw6KNyvpjpqfEpFSMjvqW8mekWHnyW0AQuSZhquhOvj2mgh55gHBGlWSw5eiRcCG3M Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 0C89 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	19ms 17ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT expires Thu, 10 Nov 2022 09:39:41 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/3529198506799940249/ Frame F848	33 KB 33 KB	78ms 77ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3529198506799940249/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI5AUQggMYASABLQAAAD8w5AU4gwNFAACAPw&rs=AOga4qmXzy55JjvRRsROrLOqRAfZwmZCfw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 146ff60d40b4c76bfae5f970f5110cee356a129b53e932c4c5cf0c2843e44fa6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33905 x-xss-protection 0 last-modified Tue, 13 Oct 2020 15:04:50 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 10 Nov 2023 09:39:41 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame F848	0 0	50ms 49ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CL-Rp3MZsY-6bO83xtwfd-qCQDZDpgN5spu2w1PwP2qOr0JQdEAEgjKzMhwFglYKJgpgHoAGtpdCPA8gBBqkCztGnWJjSsD6oAwHIA8sEqgTZAU_Q3hPhfC78NeROUeOl0ubNGDAlaVwrDo_7qM6kV3X8LzWrtsBfVMQAiLQPQM6B8hdTviY9SYlQVQQ0NmHDJZXx4ftIUeGOtpZMI9_Ritn3xerVQKqymcsS9HfNSYwqsGAGJRD-NnTKyy-BopRKWCUIhe27n53LaH6tjp9ern5w03jly45gfpq-i8_AJQcG9DupT32JqNf8j7DsXmGemxHjBoUIfpfrXW-reNGDuT031-kBmYeegKu37OD5o2r8theEYeZli3zO9vtE3NZpuiRRGD8aCFmTv7vABKDBuYK4A5IFBAgEGAGSBQQIBRgEoAY3gAe72q9wqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQs-Yv0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzg4NjIyNzg4MzA0NTYwMhgA&sigh=6yS5g1wdmes&uach_m=[UACH]&cid=CAQSOwDq26N9QCQB1QyCRy-PrsQEGGST_NMl0g8RqUBtQVI7NVyoLEQ-Y6V9KuifQFxqxLI0bRzHw0-lOeqnGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 10 Nov 2022 09:39:41 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame F848	16 KB 16 KB	9ms 9ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 03 Nov 2022 11:59:40 GMT x-content-type-options nosniff age 596401 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 03 Nov 2023 11:59:40 GMT
GET H3	200	api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response pagead2.googlesyndication.com/bg/ Frame D2D9	36 KB 16 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=662&adk=2587678068&adf=4111752464&pi=t.aa~a.3270109506~rp.4&w=820&lmt=1668073180&nsk=cd60aaff&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x662&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=1&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0%2C820x568&nras=3&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lVShVyQNJj&p=https%3A//hijackfacts.com&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 04 Nov 2022 20:03:58 GMT content-encoding gzip x-content-type-options nosniff age 480943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16010 x-xss-protection 0 last-modified Thu, 03 Nov 2022 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Nov 2023 20:03:58 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 20A4	143 B 166 B	9ms 7ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1455 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:15:26 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 6623	1 KB 643 B	9ms 8ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 73614 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 09 Nov 2022 13:12:47 GMT etag 48472445140208031 expires Thu, 10 Nov 2022 13:12:47 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame F848	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0cea828d1b719fc542207f192700fa44b85a112987372a4ab058f21490861648 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame 6623	35 B 464 B	38ms 10ms	Image image/gif	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED597P8Gc0aH547LPauc2G8&google_cver=1&google_push=ASkJ3Fa3l6pG-icKil72d5dcf-0rjAKu_09XfOMEu0ySZPgDMowA5SQSBPTUTphENY9OtQpiiR7qO9yKz2dwqm1P2Knu4e0F7r0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	451	466606.gif id.rlcdn.com/ Frame 6623	0 98 B	57ms 16ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3Faoo1j2lR3kHOAQl2hPWDc4ERJbfs13yrm8ohQiXmKLu0NIq76bg_WEmK3gGpdffc4fJpJmN8kycU369ZQwcqxaJLJ7jCFo&google_gid=CAESELVWgqPdObhxmMUjTgD3C44&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	dds rtb.openx.net/sync/ Frame 6623	43 B 351 B	43ms 16ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEM_mfPC2EPHbW0iTeuCnuKk&google_cver=1&google_push=ASkJ3FZjPwqDifJ171HXxCOIw0UszRnhj1izufUcXYb4Gdc8zZqAypJoTe4Qym0h_WzcP-5qLWtG5IhnkHYkTI8BBi2Q_AUDWuQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:40 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id 415e20f8n8f2kekc6o90id84ckqukldr
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6623 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mi_PjTw4RGG9jOJJkolrLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	27ms 26ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mi_PjTw4RGG9jOJJkolrLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FalRaCMI062xaSjLC1ou5R4C-Sw7vwgGVlef5pUSEjzNFuWFoPrEUZ54D9A_r_aqZ_7NkZlmVNJ_I9tWTCGbK0JRExxw4k Protocol H3 Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mi_PjTw4RGG9jOJJkolrLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FalRaCMI062xaSjLC1ou5R4C-Sw7vwgGVlef5pUSEjzNFuWFoPrEUZ54D9A_r_aqZ_7NkZlmVNJ_I9tWTCGbK0JRExxw4k date Thu, 10 Nov 2022 09:39:40 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6623 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGkg4bJnFYTo9vYkIDEsQS0&google_cver=1&google_push=ASkJ3FbX-v_u_G7iCFSiyoe7-xmb_rpj5O0-3gZAAeMnJNq4WfExNne1IE2wv0Y0v57TIrYqyBY... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFBVlBDSDMtMTEtNTFSRg==&google_push=ASkJ3FbX-v_u_G7iCFSiyoe7-xmb_rpj5O0-3gZAAeMnJNq4WfExNne1IE2wv0Y0v57TIrYqyBY-VKpSvbjWDX8KySBwFiSAY6jf	170 B 188 B	18ms 18ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFBVlBDSDMtMTEtNTFSRg==&google_push=ASkJ3FbX-v_u_G7iCFSiyoe7-xmb_rpj5O0-3gZAAeMnJNq4WfExNne1IE2wv0Y0v57TIrYqyBY-VKpSvbjWDX8KySBwFiSAY6jf Protocol H3 Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFBVlBDSDMtMTEtNTFSRg==&google_push=ASkJ3FbX-v_u_G7iCFSiyoe7-xmb_rpj5O0-3gZAAeMnJNq4WfExNne1IE2wv0Y0v57TIrYqyBY-VKpSvbjWDX8KySBwFiSAY6jf Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 37b22a0c36bd84993dd2cda4a5e04b1d Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6623 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK15L_jqKzP8Dc462J9p7YQ&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK15L_jqKzP8Dc462J9p7YQ&google_push=AS... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK15L_jqKzP8Dc462J9p7YQ&google_hm=Y2zG3RtW_l8_eKHmPXQAQQAABKEAAAIB&google_nid=index&google_push=ASkJ3Fb-2J8tCDWxA2zMYxTA2Bi2rZOxnCrst...	170 B 188 B	26ms 25ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK15L_jqKzP8Dc462J9p7YQ&google_hm=Y2zG3RtW_l8_eKHmPXQAQQAABKEAAAIB&google_nid=index&google_push=ASkJ3Fb-2J8tCDWxA2zMYxTA2Bi2rZOxnCrstsZzKUvpn7-niQ2VSL5kYQhDcREshM_f2VSA2SGMCMG-etCddcTrsYLPccUyZFHs Protocol H3 Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09GSG1TfwVSqsQV30RHvnvw7Q2IJ2wPVCqTcOT%2BB9p2jHDM7TxknhPPuVAd4JTffymu2EEi13tzHX%2BFR9h5tzPcpcbX8OxLuqtcSdrmwcERYrJKmHSii%2BIV5oHzi8t%2Fbsb7UQwX0hSbxhA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK15L_jqKzP8Dc462J9p7YQ&google_hm=Y2zG3RtW_l8_eKHmPXQAQQAABKEAAAIB&google_nid=index&google_push=ASkJ3Fb-2J8tCDWxA2zMYxTA2Bi2rZOxnCrstsZzKUvpn7-niQ2VSL5kYQhDcREshM_f2VSA2SGMCMG-etCddcTrsYLPccUyZFHs cache-control no-cache cf-ray 767dd28a3c0c921f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H2	200	trk ag.innovid.com/ Frame 6623	43 B 296 B	169ms 21ms	Image image/gif	2a05:d01c:1d8:8101:d786:ef20:82e3:39f7 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGmaYbiKuUPAT44gqT7Ro6g&google_cver=1&google_push=ASkJ3FYpqVVAfyIoKSfaqQ1fh-5Rq22E2H7wNws-dhnWPuPS8YL_lYexHYBN93SIL4psuh1SHNDK07QTOT4dfPVzF_3v4paGAZ-f Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-type image/gif pragma no-cache date Thu, 10 Nov 2022 09:39:41 GMT cache-control no-cache content-length 43 request-time 0 expires -1
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 6623	0 12 B	17ms 15ms	Image text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_y-cr4uOJwArV3OfQusbkVvrwf1qXBaK3QSPnXy9uSN4nvxj9DF0PsVzeRR_GfIQSWw7J Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:39:41 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 20A4 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	20ms 20ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT expires Thu, 10 Nov 2022 09:39:41 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 10 Nov 2022 09:39:41 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response pagead2.googlesyndication.com/bg/ Frame 00E6	36 KB 16 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&h=568&adk=3986096866&adf=3037575135&pi=t.aa~a.3525945133~rp.4&w=820&lmt=1668073180&nsk=c3fe6999&rafmt=11&pwprc=1254699243&ad_type=text_image&format=820x568&url=https%3A%2F%2Fhijackfacts.com%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668073180923&bpp=1&bdt=2509&idt=-M&shv=r20221108&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48dd78d1a3c8fd70-223ce2d772ce009a%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MbUXCWbDuSY2cwMt6cpA9pr-X2ERQ&gpic=UID%3D00000b7f774c6f89%3AT%3D1668073179%3ART%3D1668073179%3AS%3DALNI_MZ8-BkAiUXJPME0PttbkZqUNxvoNw&prev_fmts=0x0&nras=2&correlator=7357869503445&frm=20&pv=1&ga_vid=1442198975.1668073179&ga_sid=1668073179&ga_hid=812062211&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774649%2C42531706%2C44774653%2C31070762%2C44770881%2C44775016&oid=2&pvsid=2684567859538857&tmod=708783887&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9BAbkf7U7C&p=https%3A//hijackfacts.com&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 04 Nov 2022 20:03:58 GMT content-encoding gzip x-content-type-options nosniff age 480943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16010 x-xss-protection 0 last-modified Thu, 03 Nov 2022 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Nov 2023 20:03:58 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	45ms 44ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221108&jk=2684567859538857&bg=!q6ilqOzNAAbvMpMzzzI7ACkAdvg8WvTpz5R01OFaof3DEhtZZR78ktCUCJ3JIZpO2Cu9KDHBT8YvdAIAAAD8UgAAAARoAQcKAMIxMJ4aYm3SPRGHNd2kwD4TYzzvun6fxQ4EJLEVHDNYDldzS38GD5NaDSFLehXO5KCBmUOiwN0sB5L-TQdCUlE46S2JkWqXQHWW7cAQ46yZTJFr8n-sWk7COP1cY1F1gzVlBRll2xXe2fWDdTEGIxb32_uW8eYQ6rAsNOuAXxubg0LpBmMvahmkOQntmKe102o4Mrm8PDhv0p0eXnUdFXgGTpgUs5WbYjaKGDQ-OVtpx-sUHfdqYE7NHCAS7BRzFf0W65kCkm2gH02kp_ALjLVn4gE0-cyco9ZEIl_mDeSqrnfnU0uG6u0u_7O4PPQGJshyqIYyYr47xE4_eEEQv9N8I4u0TJGDKb0NO5JI0LeVfMGQW8VTRAe2KjqcIbNGbmP4Cd416ga1LgyWuwzPT-R2iniA-r4DoNJgil0JZJc2ogU9KRzB9H0TkYz4KdFx3FMTit2-daeJN-EgzP7NdEU5Mmd5MPa_D1TYOh9NXGJhWRvGtzalk4hTQZZ6mLH_tUCjqVTdLgKjGjn2yNYejjaBd-uXFdxUQvYV9MyFodg75q7uKaBcJx_Uml6u4nPUr6YVV6YYaa2Ryx0r8iyz9XNB_7FaD4tevtMJG6itTApDdZ6olKrzs94-bkNr1T5aFWdHmkOHJZSREp8iK780O19bgb4KoanO7e1ASzOJ41OxCUfXGqnrmi-KoCFpYMutAOUrWcSfNiGWKIKhNI6izP_fILciHPJUN1uIn1b3kjqWET_SoiyKmyEIJwYcTAV3ae0wwJy_yCLsk2rtKFgbkSvue0YcHoiSFeWVr3PipC8ZS2wVmxDpL_0LW900L2s4eyvB4lbrhysna6CvzVQyV_h3obm0nz0zWPqYXBfTh8zwnVkYP1Ni3PqLHEKU4Bh_orZnEvqiPNvFlc1cfXjXDyArKb8q-TF6EFcG3xbH1bsF0ppPBWnKPceaNScfrOcOtborxcrO3Qbn9H7JjZQpMb4_whMbOWQcglQ_hVMKJtD_JMh1n_0GaYBvNs6511IjqaVY4UhAQj6qyWswRSHYNApktDTE4SiaxbLZOUz01KzEmGeO7blUCn1GMvbVV8S5ph5TvFmqj-EghSLgcs_UAtcQLXHhHlNbJE2bNID4Iq75zbC9tpw_sd4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 8131	42 B 64 B	44ms 43ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNdI5RI7kxsKahUga_WrMeqo7OspfDbHc5oyeIcxgsnBsbbDH-Vmuk1eRu_BQnOscTvYyM8YZ3iKJCSw8Qi8VydVffG9OwqG87h42jJZ9B80FwJkGRQ6PS8iYEh0dMWkpGckvXtw&sai=AMfl-YSFn4LiLxGH7suEDSCcRouJ8-oyi_PaFptQkHWDUdvK-x_oRlaAm3Hob1h8sUn0xbfF4qrG0PwAZN_SBwI&sig=Cg0ArKJSzKzQWiQh-BjsEAE&cid=CAQSGwDq26N9g8_ns83pmcWu2kNnGbaRRCeAKB9akhgBIBM&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,776,1000,1157,1163&tos=0,776,224,157,6&v=20221109&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668073180978&rpt=271&met=mue&wmsd=0&pbe=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 09:39:42 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT