www.polltab.com Open in urlscan Pro
142.93.193.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.polltab.com/bracket-poll/URhesZuhuQA
Submission: On November 03 via manual (November 3rd 2022, 4:59:08 pm UTC) from IN — Scanned from DE

Summary HTTP 127 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 24 domains to perform 127 HTTP transactions. The main IP is 142.93.193.153, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.polltab.com.
TLS certificate: Issued by R3 on September 20th 2022. Valid for: 3 months.

This is the only time www.polltab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	142.93.193.153 142.93.193.153	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2600:9000:224... 2600:9000:224a:5e00:13:3e8b:9e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.229.220.206 192.229.220.206	15133 (EDGECAST) (EDGECAST)
3	2a02:26f0:350... 2a02:26f0:3500:596::9b6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2606:4700:440... 2606:4700:4400::ac40:9a88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a04:4e42::272 2a04:4e42::272	54113 (FASTLY) (FASTLY)
5	2a02:26f0:350... 2a02:26f0:3500:58e::9b6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:b03e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:480... 2a02:26f0:480:d::210:f145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::ac40:9919	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:23c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.134.68 162.159.134.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:9803	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2292	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.11.206.25 23.11.206.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400c:c34::5e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:27::9	15169 (GOOGLE) (GOOGLE)
127	30

1 142.93.193.153 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.polltab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:224a:5e00:13:3e8b:9e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.polltab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.220.206 (United States)

ASN15133 (EDGECAST, US)

cdn.dribbble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:596::9b6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

target.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a88 (United States)

ASN13335 (CLOUDFLARENET, US)

www.3musketeers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:58e::9b6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s7d2.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b03e (United States)

ASN13335 (CLOUDFLARENET, US)

uploads.dailydot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:480:d::210:f145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images.heb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9919 (United States)

ASN13335 (CLOUDFLARENET, US)

www.milkywaybar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:23c7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.twix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.134.68 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:9803 (United States)

ASN13335 (CLOUDFLARENET, US)

i5.walmartimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2292 (United States)

ASN13335 (CLOUDFLARENET, US)

www.snickers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.11.206.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-11-206-25.deploy.static.akamaitechnologies.com

www.candywarehouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400c:c34::5e (Charleston, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:27::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5lznlz.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	643 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	211 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	143 KB
8	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 440	1 MB
8	scene7.com target.scene7.com — Cisco Umbrella Rank: 8328 s7d2.scene7.com — Cisco Umbrella Rank: 16858	863 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
6	heb.com images.heb.com — Cisco Umbrella Rank: 80872	582 KB
5	polltab.com www.polltab.com static.polltab.com	509 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	188 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	3 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 2953 r4---sn-4g5lznlz.gvt1.com	860 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5594	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
2	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1972	51 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	460 B
1	candywarehouse.com www.candywarehouse.com — Cisco Umbrella Rank: 530248	99 KB
1	snickers.com www.snickers.com — Cisco Umbrella Rank: 172889	20 KB
1	walmartimages.com i5.walmartimages.com — Cisco Umbrella Rank: 3510	60 KB
1	twix.com www.twix.com — Cisco Umbrella Rank: 267467	82 KB
1	milkywaybar.com www.milkywaybar.com	76 KB
1	dailydot.com uploads.dailydot.com — Cisco Umbrella Rank: 103642	347 KB
1	3musketeers.com www.3musketeers.com	57 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3033	199 KB
1	dribbble.com cdn.dribbble.com — Cisco Umbrella Rank: 81385	3 MB
127	24

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
24	pagead2.googlesyndication.com	static.polltab.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com www.gstatic.com tpc.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.polltab.com
8	m.media-amazon.com	www.polltab.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	images.heb.com	www.polltab.com
5	s7d2.scene7.com	www.polltab.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	static.polltab.com	www.polltab.com static.polltab.com
3	fonts.googleapis.com	static.polltab.com googleads.g.doubleclick.net
3	target.scene7.com	www.polltab.com
2	csi.gstatic.com	www.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	static.polltab.com www.google-analytics.com
2	cdn.shopify.com	www.polltab.com
1	r4---sn-4g5lznlz.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.candywarehouse.com	www.polltab.com
1	www.snickers.com	www.polltab.com
1	i5.walmartimages.com	www.polltab.com
1	www.twix.com	www.polltab.com
1	www.milkywaybar.com	www.polltab.com
1	uploads.dailydot.com	www.polltab.com
1	www.3musketeers.com	www.polltab.com
1	upload.wikimedia.org	www.polltab.com
1	cdn.dribbble.com	www.polltab.com
1	www.polltab.com
127	31

This site contains no links.

Subject Issuer	Validity	Valid
polltab.com R3	`2022-09-20` - `2022-12-19`	3 months	crt.sh
*.polltab.com Amazon	`2022-07-10` - `2023-08-08`	a year	crt.sh
*.dribbble.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-11` - `2023-05-17`	a year	crt.sh
*.scene7.com DigiCert SHA2 Secure Server CA	`2022-01-23` - `2023-01-24`	a year	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-27` - `2023-11-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-27` - `2023-09-27`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-19` - `2023-10-18`	a year	crt.sh
secure4s.scene7.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-24` - `2023-02-24`	a year	crt.sh
cdn.shopify.com R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
cf-prod.walmartimages.com GlobalSign RSA OV SSL CA 2018	`2022-10-17` - `2023-11-18`	a year	crt.sh
www.candywarehouse.com R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.polltab.com/bracket-poll/URhesZuhuQA
Frame ID: BA260AEB1FB25E2C2B460C2AD6095468
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: EB37F96FBB1E7900A32051CC515668DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=90&slotname=4710844668&adk=1524170152&adf=1041980854&pi=t.ma~as.4710844668&w=728&lmt=1667494742&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742836&bpp=11&bdt=566&idt=122&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=4115655696086&frm=20&pv=2&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6nIxyNt3N6&p=https%3A//www.polltab.com&dtd=159
Frame ID: 2868401210418A33BC4899AB1C7F857E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=280&slotname=3485452081&adk=3787936106&adf=3208735096&pi=t.ma~as.3485452081&w=1200&fwrn=4&fwrnh=100&lmt=1667494742&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742847&bpp=2&bdt=577&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kXK0FQ2qCo&p=https%3A//www.polltab.com&dtd=154
Frame ID: 4552112BB5F0D1584456080CBFECF738
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&adk=1812271804&adf=3025194257&lmt=1667494743&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742864&bpp=2&bdt=594&idt=150&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1200x280&nras=1&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=157
Frame ID: B1FC7CD8FA287376190A350EC0966C30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&adk=1812271804&adf=1573534164&lmt=1667494743&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742866&bpp=1&bdt=596&idt=158&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1200x280%2C0x0&nras=2&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=178
Frame ID: E4516D0B3A2B3F504CC2585FACC7BB04
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 466C877F81A20B68DFEE1E5CDDD14E99
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D094CC47F7A739B2B91C49E254A6651
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: 3A03E816FD1C547D453F070B1FD4DB0B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: AC674AF7952D2F6072292E1F30396808
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 79A594F6942FC6164E2992DBACAB5407
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Frame ID: CDF1BEB058C363FEE4D505552A0CFA3C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 134A3BFE50CB114E3A3C4ECB1527A572
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/6ab016790426e7d037bac2fbd741d34d.js?tag=client_fast_engine_2019
Frame ID: 91DB1974ED8CF40885302D651E6AB3FF
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: 705D36330B9C5708597FF5D8F4EF602E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: 3C4A9F12A4571D9D71F39A8017FDF978
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34E17F6C7A3079BBC5C2857583028BA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8B823CA3683538A04888AA92650306A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Polltab - 🧛🕷️🎃 BEST HALLOWEEN CANDY ⚰️👻🦇Qr Code

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

127
Requests

99 %
HTTPS

87 %
IPv6

24
Domains

31
Subdomains

30
IPs

3
Countries

8990 kB
Transfer

12464 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://redirector.gvt1.com/videoplayback?id=d5a48dc286a742d0&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1667501944&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=48CEAF3B1E2B0A73BC58F6A667FF718E94FD793C.ABB4AD139371B2E58FDB1B1E36C20CA7A914F283&key=ck2 HTTP 302
https://r4---sn-4g5lznlz.gvt1.com/videoplayback?id=d5a48dc286a742d0&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1667501944&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5DDCBB537B526E74FB14B36659718B425DBD3DE8.275649D27AB74D019AA414C2E3F0ADDAC6CD3F2D&key=cms1&cms_redirect=yes&mh=rH&mip=2a01:4a0:2b::11&mm=28&mn=sn-4g5lznlz&ms=nvh&mt=1667493550&mv=u&mvi=4&pl=43

127 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request URhesZuhuQA Show response
www.polltab.com/bracket-poll/ 79 KB
9 KB 323ms
119ms Document
text/html 142.93.193.153
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 142.93.193.153 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 924d5a305deb850b0603aa84b4c383e600a97a3b5d4e3fa155b8fe2145c77586

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Nov 2022 16:59:02 GMT
ETag: W/"13c3f-jw2Q0ySpnksRiT3L7xIU9DpoYCc"
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

GET
H2 200 app.min.87e20f8af5807e2923b1.css
static.polltab.com/styles/ 123 KB
20 KB 80ms
12ms Stylesheet
text/css 2600:9000:224a:5e00:13:3e8b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.polltab.com/styles/app.min.87e20f8af5807e2923b1.css
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5e00:13:3e8b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc902ef3f225fa35feb4a33954748724a2e472de1f649ec88abb3ae6a86ac6aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:56:17 GMT
content-encoding: gzip
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Mon, 24 Oct 2022 16:55:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 864166
etag: W/"f577c7cb5bc32eb73767558d37667472"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=315360000, public
x-amz-cf-id: Lh7uRRLASEsUafpdff6-XSNIajVUIwfjaP95o7Ff_XbXT7FRt_7gXg==

GET
H2 200 logo.svg
static.polltab.com/images/ 994 B
1 KB 81ms
13ms Image
image/svg+xml 2600:9000:224a:5e00:13:3e8b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.polltab.com/images/logo.svg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5e00:13:3e8b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12e911948e1e352d4c6c7fad7736267a4de8424369f05a860f2085a5a75bfda1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:06:34 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 23:03:16 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 4837949
etag: "36d5ba5ea1905305f1526c6fa2992824"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 994
x-amz-cf-id: 5DjU4WRAUmf4f6HrYV-pg4mOH4Aa5luQj4vLA5Rf-wBnTv5UkRDPJw==

GET
H2 200 cd1deb4229b6074b8945b9d9d3991401.gif
cdn.dribbble.com/users/4129448/screenshots/7206203/media/ 3 MB
3 MB 173ms
101ms Image
image/gif 192.229.220.206
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dribbble.com/users/4129448/screenshots/7206203/media/cd1deb4229b6074b8945b9d9d3991401.gif
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.206 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (dcb/7317) /
Resource Hash: 3dbff3c2693b9441fcfc79491e9e27f9ff876d1a9b3c4f740a55f0d49870a893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
via: 1.1 db72f6ab1d9d27534c6158ca17e3af1c.cloudfront.net (CloudFront)
x-amz-version-id: Q84FvHXOEzKk13BUNBBLjhcH7pJr1Br9
age: 84518
x-amz-cf-pop: IAD89-C3
x-cache: HIT
content-disposition: inline; filename="image_processing20190925-17934-1o4ehxw.gif"; filename*=UTF-8''image_processing20190925-17934-1o4ehxw.gif
content-length: 2690730
last-modified: Wed, 25 Sep 2019 04:54:18 GMT
server: ECAcc (dcb/7317)
etag: "8f3bc3792e5edd1f5eaa6e5ea5afe380"
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: image/gif
access-control-allow-origin: https://dribbble.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: fIZ-tDP2-_J4skuh21xDljNKFx1Jyyn5J8MwB4ENXUyVeGhaxHNwYw==

GET
H2 200 GUEST_0e3a7b2d-618d-46ee-a6c1-8cf1c7a37632
target.scene7.com/is/image/Target/ 41 KB
42 KB 236ms
184ms Image
image/jpeg 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/GUEST_0e3a7b2d-618d-46ee-a6c1-8cf1c7a37632?wid=488&hei=488&fmt=pjpeg

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

d49c3b027da63706160683f78bb498b11b6a21f0130cef1ac11d2d2a34dc9565

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
strict-transport-security: max-age=86400
last-modified: Tue, 19 Apr 2022 23:38:59 GMT
server: Unknown
etag: "1de48736d1f7e2c22208ed54a603dcd2"
content-type: image/jpeg
access-control-allow-origin: *
content-length: 42304
expires: Fri, 04 Nov 2022 02:59:02 GMT

GET
H2 200 1200px-Candy-Corn.jpg
upload.wikimedia.org/wikipedia/commons/thumb/5/56/Candy-Corn.jpg/ 198 KB
199 KB 94ms
31ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/5/56/Candy-Corn.jpg/1200px-Candy-Corn.jpg

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.3 /

Resource Hash

3156b7ce90a41242f2c771829a695a0d20ce8d16f4cffd54d516a93c97595fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 06:35:13 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 37429
x-cache-status: hit-front
x-cache: cp3063 hit, cp3065 hit/24
server-timing: cache;desc="hit-front", host;desc="cp3065"
content-length: 202637
x-client-ip: 2a01:4a0:2b::11
last-modified: Fri, 25 Oct 2013 21:36:44 GMT
server: ATS/9.1.3
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
etag: b4563c0b5da292f5cec9a73e7bd51fac
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ugwaegle8m9jdgf54oke.png
www.3musketeers.com/sites/g/files/fnmzdf641/files/migrate-product-files/ 57 KB
57 KB 759ms
657ms Image
image/png 2606:4700:4400::ac40:9a88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3musketeers.com/sites/g/files/fnmzdf641/files/migrate-product-files/ugwaegle8m9jdgf54oke.png

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89946254b22f8cc2ae332cb09ea83dd6458090e7da30e0471c44d9e544fefd76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-cache-hits: 40
date: Thu, 03 Nov 2022 16:59:03 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: 01live
content-length: 58007
x-request-id: v-08a7a3bc-5ac4-11ed-8e54-1f1b2a4c25ae
last-modified: Wed, 02 Nov 2022 03:27:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7646a87bfb959bf4-FRA
expires: Wed, 16 Nov 2022 15:35:52 GMT

GET
H2 200 71jcEeKRJiL.jpg
m.media-amazon.com/images/I/ 188 KB
188 KB 94ms
14ms Image
image/jpeg 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/71jcEeKRJiL.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cac1efab00116f1d17063447514d478e6b2d4a1ea168be3c5c54dcc71fa650c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 22 Sep 2042 22:13:48 GMT
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Wed, 27 Nov 2013 15:13:46 GMT
age: 3177914
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
x-nginx-cache-status: MISS
cache-control: max-age=630720000,public
x-amz-ir-id: 8a2cb7ae-4191-4832-a039-040cf42cc606
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 192248
x-served-by: cache-iad-kcgs7200074-IAD, cache-hhn4054-HHN

GET
H2 200 GUEST_319372ae-60f5-4054-9394-59a2080c789e
target.scene7.com/is/image/Target/ 42 KB
42 KB 252ms
202ms Image
image/jpeg 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/GUEST_319372ae-60f5-4054-9394-59a2080c789e?wid=488&hei=488&fmt=pjpeg

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

37aacc1c63ddd50d2c39141c27419fb2a3a581690a3caa73b37238648ec06253

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
strict-transport-security: max-age=86400
last-modified: Wed, 07 Sep 2022 13:05:29 GMT
server: Unknown
etag: "75c888ac44fc84e3324ffb427f5edfbd"
content-type: image/jpeg
access-control-allow-origin: *
content-length: 43044
expires: Fri, 04 Nov 2022 02:59:02 GMT

GET
H2 200 0_34000_00243_6_701_24305_010_Item_Front
s7d2.scene7.com/is/image/hersheysassets/ 30 KB
31 KB 243ms
196ms Image
image/webp 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7d2.scene7.com/is/image/hersheysassets/0_34000_00243_6_701_24305_010_Item_Front?fmt=webp-alpha&hei=908&qlt=75

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

f247584966b2b82d93b6c4360da3d0058da09b5d975aefdc836548dd498e4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Thu, 03 Sep 2020 06:27:22 GMT
server: Unknown
etag: "77fcbc5e4b531950694fd5cdf406edcf"
content-type: image/webp
access-control-allow-origin: *
content-length: 30990
expires: Fri, 04 Nov 2022 02:59:02 GMT

GET
H2 200 airheads.jpg
uploads.dailydot.com/2022/10/ 346 KB
347 KB 138ms
65ms Image
image/jpeg 2606:4700::6811:b03e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uploads.dailydot.com/2022/10/airheads.jpg?auto=compress&fm=pjpg

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:b03e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0931c1aee877e47045cd73988f75ebd0031ab38e54c0c50c592b75af5405e18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
x-imgix-id: 8937a8370d4991db150cddaa7676da1ec4f7738a
cross-origin-resource-policy: cross-origin
content-length: 354160
x-served-by: cache-sjc10062-SJC, cache-fra-eddf8230079-FRA
x-imgix-render-farm: 01.584
last-modified: Tue, 25 Oct 2022 16:49:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7646a87bcc3b9bc8-FRA
expires: Fri, 03 Nov 2023 16:59:02 GMT

GET
H2 200 71NrROgheSL.jpg
m.media-amazon.com/images/I/ 211 KB
211 KB 118ms
99ms Image
image/jpeg 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/71NrROgheSL.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c9f57221a40b9b09db404e48e302c9118514906b2de5761512e2019ce68e7cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Tue, 21 Oct 2042 09:13:22 GMT
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Mon, 31 Mar 2014 19:55:17 GMT
age: 719140
x-cache: HIT from fastly, MISS from fastly
content-type: image/jpeg
access-control-allow-origin: *
x-nginx-cache-status: MISS
cache-control: max-age=630720000,public
x-amz-ir-id: 645bcbec-e64b-421a-9c71-3a90f30c64a2
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 215739
x-served-by: cache-iad-kcgs7200026-IAD, cache-hhn4054-HHN

GET
H2 200 0_34000_00440_9_701_44000_136_Item_Front
s7d2.scene7.com/is/image/hersheysassets/ 333 KB
334 KB 24ms
23ms Image
image/png 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7d2.scene7.com/is/image/hersheysassets/0_34000_00440_9_701_44000_136_Item_Front?fmt=png-alpha&hei=908

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

4368c884d34c82631cca5d5603e04558cb3cbcb5685cf9e76995207edf7a32ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Wed, 09 Sep 2020 12:51:29 GMT
server: Unknown
etag: "fb8178a9400e934ef630b19e9930200d"
content-type: image/png
access-control-allow-origin: *
content-length: 341257
expires: Thu, 03 Nov 2022 19:12:47 GMT

GET
H2 200 70206100018_010700060808_Item_Front
s7d2.scene7.com/is/image/hersheysassets/ 280 KB
280 KB 201ms
200ms Image
image/png 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7d2.scene7.com/is/image/hersheysassets/70206100018_010700060808_Item_Front?fmt=png-alpha&hei=908

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

7897faa822cd17d983b4dc1d31a7e6d2e8181224b5bc82f0016d3875454fc376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Wed, 19 Aug 2020 05:14:57 GMT
server: Unknown
etag: "95f452c30973ace6a6c49be7d223c5e5"
content-type: image/png
access-control-allow-origin: *
content-length: 286285
expires: Fri, 04 Nov 2022 02:59:02 GMT

GET
H2 200 000740766
images.heb.com/is/image/HEBGrocery/ 46 KB
46 KB 247ms
20ms Image
image/webp 2a02:26f0:480:d::210:f145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.heb.com/is/image/HEBGrocery/000740766

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

dfd7857c91daf82d2aef2a255fdc90687f05719592f93f3fd0890f1f5d3ed747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Thu, 20 Oct 2022 21:41:25 GMT
-x-adobe-smart-imaging: 52379
server: Unknown
etag: "bbd17905120e90f0c67e9ef66e22ef59"
content-type: image/webp
access-control-allow-origin: *
content-length: 46810
expires: Wed, 09 Nov 2022 13:36:02 GMT

GET
H2 200 navjcnc7rdmfi5v4b6qf.png
www.milkywaybar.com/sites/g/files/fnmzdf631/files/migrate-product-files/ 76 KB
76 KB 686ms
631ms Image
image/png 2606:4700:4400::ac40:9919
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.milkywaybar.com/sites/g/files/fnmzdf631/files/migrate-product-files/navjcnc7rdmfi5v4b6qf.png

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9919 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d11f4c570f936db88f898072fcb6689cac427b356821d59e0c08bed5d8df6973

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-cache-hits: 54
date: Thu, 03 Nov 2022 16:59:03 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: 01live
content-length: 77637
x-request-id: v-4d65f6ac-5ac9-11ed-95dd-63eb84400869
last-modified: Wed, 02 Nov 2022 03:22:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7646a87c8e86bbe5-FRA
expires: Wed, 16 Nov 2022 16:13:35 GMT

GET
H2 200 pm57alsea7mspqhhgfuf.png
www.twix.com/sites/g/files/fnmzdf236/files/migrate-product-files/ 81 KB
82 KB 419ms
48ms Image
image/png 2606:4700:4400::6812:23c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.twix.com/sites/g/files/fnmzdf236/files/migrate-product-files/pm57alsea7mspqhhgfuf.png

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:23c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3429b01b4c0d9d856dc4f005a6540e379b0e1d8e54ea0586760ecf6ff099cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-cache-hits: 14
date: Thu, 03 Nov 2022 16:59:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 279452
cf-polished: status=not_needed
x-cache: HIT
x-ah-environment: 01live
content-length: 83385
x-request-id: v-c20d2b44-58fb-11ed-82cf-c79ae611d598
cf-bgj: imgq:100,h2pri
last-modified: Mon, 31 Oct 2022 01:46:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7646a87e9e3d9b51-FRA
expires: Mon, 14 Nov 2022 09:09:43 GMT

GET
H2 200 0_34000_00031_9_701_00310_029_Item_Front
s7d2.scene7.com/is/image/hersheysassets/ 9 KB
9 KB 211ms
211ms Image
image/webp 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7d2.scene7.com/is/image/hersheysassets/0_34000_00031_9_701_00310_029_Item_Front?fmt=webp-alpha&hei=412&qlt=75

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

f10686ef1595d15b3256cecfa06f0ab0ef04d362aef0ed6a2902bc0ad9686734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Thu, 20 Jan 2022 23:21:23 GMT
server: Unknown
etag: "0f0fe8d314951eac3f74a2add164669e"
content-type: image/webp
access-control-allow-origin: *
content-length: 9252
expires: Fri, 04 Nov 2022 02:59:02 GMT

GET
H2 200 100_grand_candy_bar_1.5oz_600x.jpg
cdn.shopify.com/s/files/1/0972/7116/products/ 23 KB
23 KB 283ms
249ms Image
image/webp 162.159.134.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0972/7116/products/100_grand_candy_bar_1.5oz_600x.jpg?v=1633467180

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f828b22b226d3905bda9865fa9652250aa0ed5a7948ebccf6d816208ad012f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=195.857, imageryFetch;dur=120.657, imageryProcess;dur=54.983;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23214
x-xss-protection: 1; mode=block
x-request-id: d5a718b1-e443-47a5-8b65-6859826b8b16
last-modified: Mon, 05 Sep 2022 08:34:16 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YlNJ94Wr5lXCgYo0sfuEXVEB9Iu8f8Mgq1C9eyT7nkQCkiMOa6FCr%2F60JW0XObb%2BNleiGdh5mMtSnN%2F%2B2oFQpfaW4tW58phUZp9k7zcCZzZwc5p6Hm3RViSQYtDYzrtUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0972/7116/products/100_grand_candy_bar_1.5oz_600x.jpg>; rel="canonical"
cf-ray: 7646a87cdbdb909a-FRA

GET
H2 200 61QkGG8iTPL.jpg
m.media-amazon.com/images/I/ 78 KB
78 KB 173ms
173ms Image
image/jpeg 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/61QkGG8iTPL.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83ac243d595051d06eb37002d70b01925c4c7d25b0ed3c90d545afeb37b1a760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 20 Oct 2042 12:10:35 GMT
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Fri, 11 Jul 2014 17:36:05 GMT
age: 794907
x-cache: HIT from fastly, MISS from fastly
content-type: image/jpeg
access-control-allow-origin: *
x-nginx-cache-status: MISS
cache-control: max-age=630720000,public
x-amz-ir-id: 9580b56e-88eb-4fcf-9b7b-f32202b920e4
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 79768
x-served-by: cache-iad-kjyo7100158-IAD, cache-hhn4054-HHN

GET
H2 200 GUEST_12575f0f-c727-4ad4-a869-9c5ea0fadeb8
target.scene7.com/is/image/Target/ 54 KB
54 KB 186ms
186ms Image
image/jpeg 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/GUEST_12575f0f-c727-4ad4-a869-9c5ea0fadeb8?wid=488&hei=488&fmt=pjpeg

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

bf011854d4f031fd1ae7c542facf49cae0f7c3c2d4cfe18f0cff4171a1155741

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
strict-transport-security: max-age=86400
last-modified: Tue, 22 Feb 2022 00:04:06 GMT
server: Unknown
etag: "71d9d4d3dc30ed9487b4bcc22d360bf2"
content-type: image/jpeg
access-control-allow-origin: *
content-length: 55313
expires: Fri, 04 Nov 2022 02:59:02 GMT

GET
H2 200 megasmartiesroll2_2048x.jpg
cdn.shopify.com/s/files/1/0972/7116/products/ 27 KB
28 KB 218ms
216ms Image
image/webp 162.159.134.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0972/7116/products/megasmartiesroll2_2048x.jpg?v=1659026348

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ca49e043f3f33c303715c1fb75acad384ddc4eb8f429951f67ce5c803fb8daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
server-timing: imagery;dur=280.870, imageryFetch;dur=95.423, imageryProcess;dur=184.814;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27468
x-xss-protection: 1; mode=block
x-request-id: abb790b2-f876-4d72-8f3f-861bee36fe9c
last-modified: Fri, 02 Sep 2022 13:32:30 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4Ug6WeqiEXhru%2BUaVfEshXjmH%2Bw8TZgL304vk30O1%2BWlOVW4ANbl7Kx7%2F82zZqLhjvAKKzTd0DvhSxMjbDhnT6YgS29ZtAegkgZ6t7xyRwlLhBPrJa2PwLmLEw1sUcXSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0972/7116/products/megasmartiesroll2_2048x.jpg>; rel="canonical"
cf-ray: 7646a87cdbe0909a-FRA

GET
H2 200 0_34000_00320_4_701_00320_054_Item_Front
s7d2.scene7.com/is/image/hersheysassets/ 70 KB
70 KB 191ms
188ms Image
image/png 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7d2.scene7.com/is/image/hersheysassets/0_34000_00320_4_701_00320_054_Item_Front?fmt=png-alpha&hei=412

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

15e93289ad98142d8eba93fa1b17574e88236d78b4bd90cb9e9c7d35a107a8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Thu, 30 Jul 2020 07:03:50 GMT
server: Unknown
etag: "823f0eeba21a11ae496f1af9c22b2d0b"
content-type: image/png
access-control-allow-origin: *
content-length: 71236
expires: Fri, 04 Nov 2022 02:59:02 GMT

GET
H2 200 4caef46e-d517-4962-b954-957942afc8a7_1.8711f29d2fa41579d18fbbd9009e30a8.jpeg
i5.walmartimages.com/asr/ 60 KB
60 KB 358ms
215ms Image
image/webp 2606:4700::6811:9803
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i5.walmartimages.com/asr/4caef46e-d517-4962-b954-957942afc8a7_1.8711f29d2fa41579d18fbbd9009e30a8.jpeg?odnHeight=612&odnWidth=612&odnBg=FFFFFF
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa7a0935f9dcd82d125adca559ee9b6f933d5ef964bcddf7b42526f571169c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
cf-cache-status: HIT
x-cdn: CF
content-md5: Vej2wJaXMHJWeeKJhH6IlQ==
x-tb-oa-expiresat: 1668271150
edge-cache-tag: 0.0.2
x-tb-oa-originalcontenttype: image/jpeg
x-tb-oa-originalcontentsize: 1074875
server-timing: cfRequestDuration;dur=143.000126, cfRequestDuration;dur=269.000053
content-length: 60996
x-tb: 1
x-tb-optimization-original-content-type: image/jpeg
x-tb-optimization-total-bytes-saved: 1013879
x-tb-optimization-original-content-size: 1074875
last-modified: Thu, 13 Oct 2022 16:39:46 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-tb-optimization-version: 0.0.2
access-control-expose-headers: *
cache-control: public, max-age=30758400
x-tb-optimization-original-expires-at: Sat, 12 Nov 2022 16:39:10 UTC
accept-ranges: bytes
cf-ray: 7646a87dacab994b-FRA
access-control-allow-headers: *
x-tb-oa-version: 0.0.2
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:49:31 GMT

GET
H2 200 000121396
images.heb.com/is/image/HEBGrocery/ 39 KB
39 KB 162ms
44ms Image
image/webp 2a02:26f0:480:d::210:f145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.heb.com/is/image/HEBGrocery/000121396?fit=constrain,1&wid=800&hei=800&fmt=jpg&qlt=85,0&resMode=sharp2&op_usm=1.75,0.3,2,0

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

04abee578d24c91676d9e97e7dcc2c46db2ab3673f8f62d720d6f0cda4ab41a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Thu, 20 Oct 2022 21:41:23 GMT
-x-adobe-smart-imaging: 26857
server: Unknown
etag: "f058f326f42fefa226f8be1856aa65a5"
content-type: image/webp
access-control-allow-origin: *
content-length: 39778
expires: Mon, 07 Nov 2022 14:46:49 GMT

GET
H2 200 71LSAWjb3EL.jpg
m.media-amazon.com/images/I/ 206 KB
206 KB 62ms
59ms Image
image/jpeg 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/71LSAWjb3EL.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bff79e9a5d843257820ee774327a5ebae8c95a06f2938696c8d326123758fe71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Tue, 14 Oct 2042 10:45:24 GMT
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Mon, 27 Jun 2022 16:47:36 GMT
age: 1300485
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
x-nginx-cache-status: HIT
cache-control: max-age=630720000,public
x-amz-ir-id: 14b36a98-f923-424d-82d8-396f214d1553
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 210500
x-served-by: cache-iad-kjyo7100079-IAD, cache-hhn4054-HHN

GET
H2 200 000098268
images.heb.com/is/image/HEBGrocery/ 82 KB
82 KB 164ms
45ms Image
image/webp 2a02:26f0:480:d::210:f145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.heb.com/is/image/HEBGrocery/000098268

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

4c00aefb2f7f738089d512d14532e129519ae602a38eb0e8d4744b1d6a81a447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Thu, 20 Oct 2022 00:10:18 GMT
-x-adobe-smart-imaging: 48344
server: Unknown
etag: "76878136893fbd89e73358e2f90f2772"
content-type: image/webp
access-control-allow-origin: *
content-length: 83814
expires: Tue, 08 Nov 2022 09:04:23 GMT

GET
H2 200 000077689
images.heb.com/is/image/HEBGrocery/ 36 KB
36 KB 500ms
381ms Image
image/webp 2a02:26f0:480:d::210:f145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.heb.com/is/image/HEBGrocery/000077689?fit=constrain,1&wid=800&hei=800&fmt=jpg&qlt=85,0&resMode=sharp2&op_usm=1.75,0.3,2,0

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

422d55fe797e1c107df22a9e51cf8272a7b720e418eb08aaed5f65e3e4a0487b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:03 GMT
last-modified: Thu, 20 Oct 2022 00:10:18 GMT
-x-adobe-smart-imaging: 17184
server: Unknown
etag: "4a4c7acc270ab9e4b7787333832f2384"
content-type: image/webp
access-control-allow-origin: *
content-length: 37038
expires: Thu, 10 Nov 2022 16:59:02 GMT

GET
H2 200 dryeqrv2efldaaoyceat.png
www.snickers.com/cdn-cgi/image/width=472,height=472,f=auto,quality=90/sites/g/files/fnmzdf616/files/migrate-product-files/ 20 KB
20 KB 359ms
58ms Image
image/avif 2606:4700:4400::6812:2292
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.snickers.com/cdn-cgi/image/width=472,height=472,f=auto,quality=90/sites/g/files/fnmzdf616/files/migrate-product-files/dryeqrv2efldaaoyceat.png

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2292 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23abcb4523106d7378c20374821ec995cd9ecba6e941d4e462660d2f2e66225d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 20125
cf-resized: internal=ok/h q=0 n=28 c=4+198 v=2022.10.4 l=20125
last-modified: Wed, 02 Nov 2022 03:10:41 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfhLrxoXyAHC6IFIbAQTx1VA"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7646a87eadb7696a-FRA

GET
H2 200 8143iYw4FFL.jpg
m.media-amazon.com/images/I/ 467 KB
467 KB 186ms
183ms Image
image/jpeg 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/8143iYw4FFL.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3a7e3eb2daaa0b2e56c5f45804ed85c386e4d5c9b04e794758a96b43f446ea63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 20 Oct 2042 13:00:38 GMT
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Sat, 20 Jan 2018 02:17:04 GMT
age: 791109
x-cache: HIT from fastly, MISS from fastly
content-type: image/jpeg
access-control-allow-origin: *
x-nginx-cache-status: HIT
cache-control: max-age=630720000,public
x-amz-ir-id: 708ffc71-7d8a-4512-9a14-3066d62ab892
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 477778
x-served-by: cache-iad-kcgs7200114-IAD, cache-hhn4054-HHN

GET
H2 200 61SRR9W3ZwL.jpg
m.media-amazon.com/images/I/ 116 KB
116 KB 112ms
110ms Image
image/jpeg 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/61SRR9W3ZwL.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1ec9332d8aa51354e58e49b70efb6cc3c179a7d500e4b1a6f58e01bdf99f4def

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 15 Sep 2042 05:18:51 GMT
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Tue, 23 Jun 2020 16:29:16 GMT
age: 3813727
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
x-nginx-cache-status: HIT
cache-control: max-age=630720000,public
x-amz-ir-id: c77ccb3a-f095-4304-8993-7540361bb1c7
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 118728
x-served-by: cache-iad-kcgs7200087-IAD, cache-hhn4054-HHN

GET
H2 200 31XJ+hIUJaL._AC_SY350_.jpg
m.media-amazon.com/images/I/ 13 KB
13 KB 62ms
60ms Image
image/jpeg 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/31XJ+hIUJaL._AC_SY350_.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cbed180d191735f369fc81403af8bcb490e1d8d9b2b42fa32dac6de8f92d1933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Tue, 07 Oct 2042 23:09:08 GMT
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Wed, 12 Oct 2022 15:33:46 GMT
age: 1878594
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
x-nginx-cache-status: MISS
cache-control: max-age=630720000,public
x-amz-ir-id: b6ea36de-f1d1-4c0a-a023-3e4b32a23eb5
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 13541
x-served-by: cache-iad-kiad7000144-IAD, cache-hhn4054-HHN

GET
H2 200 127415-01_starburst-fruit-chews-candy-3lb-bag.jpg
www.candywarehouse.com/item-images/ 98 KB
99 KB 129ms
21ms Image
image/jpeg 23.11.206.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.candywarehouse.com/item-images/127415-01_starburst-fruit-chews-candy-3lb-bag.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.11.206.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-11-206-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad54c0b48529c1f302ea8be35ee549d181d00124bb92600d10386518bad9bffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
akamai-grn: 0.15ce0b17.1667494742.ea8f1af
p3p: CP="CAO PSAa OUR BUS PUR"
nlcachenote: FromMediaCache=T
content-type: image/jpeg
ns_rtimer_composite: 1808850333:73686F703032352E70726F642E6368692E6E65746C65646765722E636F6D:80
cache-control: max-age=7200, s-maxage=604800
content-disposition: inline;filename*=utf-8''127415-01_starburst-fruit-chews-candy-3lb-bag.jpg
accept-ranges: bytes
content-length: 100710
x-n-operationid: 86af0109-6e50-4a0d-9f04-9518bddd5e71
expires: Thu, 03 Nov 2022 18:59:02 GMT

GET
H2 200 000502167
images.heb.com/is/image/HEBGrocery/ 301 KB
302 KB 44ms
44ms Image
image/webp 2a02:26f0:480:d::210:f145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.heb.com/is/image/HEBGrocery/000502167

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

d2dabb77bf9253694040532175116e1810a65d1b7077836da4a7d340a1415243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Thu, 20 Oct 2022 00:12:20 GMT
-x-adobe-smart-imaging: 259274
server: Unknown
etag: "e7c8903c660b821732886076448a4908"
content-type: image/webp
access-control-allow-origin: *
content-length: 308136
expires: Wed, 09 Nov 2022 23:50:30 GMT

GET
H2 200 000102790
images.heb.com/is/image/HEBGrocery/ 76 KB
77 KB 40ms
40ms Image
image/webp 2a02:26f0:480:d::210:f145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.heb.com/is/image/HEBGrocery/000102790

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

7fb7e94ede805e4b86ae65f849a45f94bc4919a24a2650be414545ea931e1077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Thu, 20 Oct 2022 00:30:53 GMT
-x-adobe-smart-imaging: 27200
server: Unknown
etag: "5ef973a94cf46e08b7c8232e243fd540"
content-type: image/webp
access-control-allow-origin: *
content-length: 78144
expires: Wed, 09 Nov 2022 15:19:54 GMT

GET
H2 200 61aiFMExI8L.jpg
m.media-amazon.com/images/I/ 65 KB
65 KB 101ms
101ms Image
image/jpeg 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/61aiFMExI8L.jpg
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a5dcd20776418ca11b4d2ca9c8834389bfe591d65549135eedd579113c2a9d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Thu, 09 Oct 2042 05:34:38 GMT
date: Thu, 03 Nov 2022 16:59:02 GMT
last-modified: Tue, 28 Mar 2017 14:33:27 GMT
age: 1769064
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
x-nginx-cache-status: MISS
cache-control: max-age=630720000,public
x-amz-ir-id: 63a8cb4c-be2d-4dfe-95de-8ec169c281b9
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 66624
x-served-by: cache-iad-kcgs7200105-IAD, cache-hhn4054-HHN

GET
H2 200 app.min.87e20f8af5807e2923b1.js Show response
static.polltab.com/scripts/ 1 MB
370 KB 70ms
21ms Script
application/javascript 2600:9000:224a:5e00:13:3e8b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.polltab.com/scripts/app.min.87e20f8af5807e2923b1.js
Requested by: Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5e00:13:3e8b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 702a88e0f8ce37f9edc96fa42f1cc6d5c9d9d733d5204ee8d93f2207076322e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:56:17 GMT
content-encoding: gzip
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Mon, 24 Oct 2022 16:55:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 864166
etag: W/"32cfbdf644333ea12a6d8c06c7ff9784"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=315360000, public
x-amz-cf-id: -Wp-b7BsxYpHHWw9tiyoA_PtJIx-GKlafNIAaLdVsdsALOg2bTTcQg==

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 72ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@700&family=Open+Sans:wght@300;400;600&display=swap

Requested by

Host: static.polltab.com
URL: https://static.polltab.com/styles/app.min.87e20f8af5807e2923b1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4295d4eaeadd4a12aefa6311a883b2cefc5c76f50e008302a6620bd2a2d125de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 16:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 16:59:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 16:59:02 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@700&family=Open+Sans:wght@300;400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.polltab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 252518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 18:50:24 GMT

GET
H2 200 ionicons.ttf
static.polltab.com/fonts/ 184 KB
108 KB 39ms
15ms Font
application/x-font-ttf 2600:9000:224a:5e00:13:3e8b:9e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.polltab.com/fonts/ionicons.ttf
Requested by: Host: static.polltab.com
URL: https://static.polltab.com/styles/app.min.87e20f8af5807e2923b1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5e00:13:3e8b:9e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer: https://static.polltab.com/styles/app.min.87e20f8af5807e2923b1.css
Origin: https://www.polltab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 00:41:36 GMT
content-encoding: gzip
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 4810647
x-cache: Hit from cloudfront
last-modified: Fri, 02 Sep 2022 23:03:16 GMT
server: AmazonS3
etag: W/"24712f6c47821394fba7942fbb52c3b2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-ttf
access-control-allow-origin: https://www.polltab.com
cache-control: max-age=315360000, public
access-control-allow-credentials: true
vary: Accept-Encoding,Origin
x-amz-cf-id: ijsmFgm5vud7MY4LazSIeR2V1U3_hMQYOKfFf0AbTdkssDl8pRk3KQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
55 KB 116ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: static.polltab.com
URL: https://static.polltab.com/scripts/app.min.87e20f8af5807e2923b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b355985cbad8dc2e50680487a8cf6d1717944e56138b7572a2b2892eccf81aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55290
x-xss-protection: 0
server: cafe
etag: 11806882465909056940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 16:59:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
10ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: static.polltab.com
URL: https://static.polltab.com/scripts/app.min.87e20f8af5807e2923b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 03 Nov 2022 15:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5653
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 03 Nov 2022 17:24:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 16ms
15ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=129345856&t=pageview&_s=1&dl=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&ul=en-us&de=UTF-8&dt=Polltab%20-%20%F0%9F%A7%9B%F0%9F%95%B7%EF%B8%8F%F0%9F%8E%83%20BEST%20HALLOWEEN%20CANDY%20%E2%9A%B0%EF%B8%8F%F0%9F%91%BB%F0%9F%A6%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1210490148&gjid=1299078405&cid=1306534775.1667494743&tid=UA-58194111-3&_gid=1436639949.1667494743&_r=1&_slc=1&z=1762518983

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.polltab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 16:59:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.polltab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 353 KB
116 KB 84ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8079433326112023&plah=www.polltab.com&bust=31070664

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02302974dc6c7d0a920ea44a1722461c1def9096efbdea0407a3a5f4acdab320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118918
x-xss-protection: 0
server: cafe
etag: 12922702488293216649
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 16:59:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame EB37 10 KB
5 KB 36ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:05:44 GMT
etag: 2424782735605397694
expires: Wed, 16 Nov 2022 18:05:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
460 B 41ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.polltab.com&callback=_gfp_s_&client=ca-pub-8079433326112023&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8079433326112023&plah=www.polltab.com&bust=31070664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416dd1a02a72c0c2f91d5dded408837f3a80372fc41432c4edbd494639f9fdd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 62ms
21ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.polltab.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 66ms
25ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.polltab.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2868 71 KB
29 KB 630ms
595ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=90&slotname=4710844668&adk=1524170152&adf=1041980854&pi=t.ma~as.4710844668&w=728&lmt=1667494742&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742836&bpp=11&bdt=566&idt=122&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=4115655696086&frm=20&pv=2&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6nIxyNt3N6&p=https%3A//www.polltab.com&dtd=159

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

932a1c96e4957a07fe6c7dedda7dde85b431b99e2b15f2ba06d7c5b8ba56660d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29324
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:03 GMT
expires: Thu, 03 Nov 2022 16:59:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4552 100 KB
33 KB 659ms
630ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=280&slotname=3485452081&adk=3787936106&adf=3208735096&pi=t.ma~as.3485452081&w=1200&fwrn=4&fwrnh=100&lmt=1667494742&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742847&bpp=2&bdt=577&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kXK0FQ2qCo&p=https%3A//www.polltab.com&dtd=154

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

530232ef564c00772c6ec8a1a91d5ea5ce7fa0c66a9f4c057b0cc8a65043da60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33543
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:03 GMT
expires: Thu, 03 Nov 2022 16:59:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1FC 282 KB
69 KB 1254ms
1247ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&adk=1812271804&adf=3025194257&lmt=1667494743&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742864&bpp=2&bdt=594&idt=150&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1200x280&nras=1&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbbd29b2dfe564448f07bf7c97a41afb14d6d0ce4a2dc6f6718999c4cb3d8973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 70877
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:04 GMT
expires: Thu, 03 Nov 2022 16:59:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E451 264 KB
67 KB 1619ms
1618ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&adk=1812271804&adf=1573534164&lmt=1667494743&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742866&bpp=1&bdt=596&idt=158&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1200x280%2C0x0&nras=2&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=178

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbe4b7003043612db8fa83166de6871fe7237d14100cfc221b13ccb04166229c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 68508
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:04 GMT
expires: Thu, 03 Nov 2022 16:59:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 10851448890898510933
tpc.googlesyndication.com/simgad/ Frame 2868 8 KB
9 KB 49ms
16ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10851448890898510933?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlQW23Ir_R_VP8ZWvEACjjikehyNA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=90&slotname=4710844668&adk=1524170152&adf=1041980854&pi=t.ma~as.4710844668&w=728&lmt=1667494742&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742836&bpp=11&bdt=566&idt=122&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=4115655696086&frm=20&pv=2&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6nIxyNt3N6&p=https%3A//www.polltab.com&dtd=159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8b76eae04aa02e5cee5c4b8345b9f980f62f0c1f05f080fd88e9b0186ae569b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 07:48:25 GMT
x-content-type-options: nosniff
age: 205838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8553
x-xss-protection: 0
last-modified: Thu, 13 May 2021 13:00:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 07:48:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 2868 23 KB
9 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 12:40:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2868 3 KB
1 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 16:24:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2868 17 KB
7 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:35:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2868 153 KB
47 KB 75ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 16:59:03 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2868 33 KB
13 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13493
x-xss-protection: 0
server: cafe
etag: 7904785543377395088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:57:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2868 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6EKWV_NjY5ngAvOC2fcPnYGPmA_J39XvarHol5uPELrCo_P7GxABIMax4TxglaqUgqAHoAHxmqDQAcgBAqgDAcgDyQSqBIUCT9CVTqSce5O7IqhHgtaoorzj_cZq6m4-2nTgG-OcupA0OUo9ObI99DSCrQueSGTI-EVpY-N3MqyOQ8x19KDr8-1HCr0PZkBDMPJQgf0i_soP-pL-WCWfSyNPG-6Y87pXWRShCCfFt5Oq54dWtiinrXoxmx4b2fw_glg3eTCxjcsPQozJGsibAaMeihLz473Uhh-mV31IW-Nbs2Bksw4kThIqwVBYg589K1h5gg3RhXgDcB2S2RdxWntqJ2R-87XzLbFro17BI4nOugh5A-EAUrwAa2lrcKExPVybj7o0nFTwZIi7fubFZLxklFV2tKcGjlBjhtNuFdiXfW4UL5EoxRd9ojR6wASTotrrkwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH9-TfrwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCRvAjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04MDc5NDMzMzI2MTEyMDIzGAA&sigh=tF-hSo-Tplg&uach_m=[UACH]&cid=CAQSGwDq26N9b5GH9Gd9-4jBUt3ir8aXr-0krvQpbBgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=90&slotname=4710844668&adk=1524170152&adf=1041980854&pi=t.ma~as.4710844668&w=728&lmt=1667494742&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742836&bpp=11&bdt=566&idt=122&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=4115655696086&frm=20&pv=2&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6nIxyNt3N6&p=https%3A//www.polltab.com&dtd=159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 16:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 16:59:03 GMT

GET
H2 200 18284422129284599841
tpc.googlesyndication.com/simgad/ Frame 4552 95 KB
95 KB 16ms
16ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18284422129284599841?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlryidx2Hmfj3Nc5FgL6uHknqh05Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=280&slotname=3485452081&adk=3787936106&adf=3208735096&pi=t.ma~as.3485452081&w=1200&fwrn=4&fwrnh=100&lmt=1667494742&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742847&bpp=2&bdt=577&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kXK0FQ2qCo&p=https%3A//www.polltab.com&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a57a793736889d6f191fc8a7f94d35ca4a9f436618ab0aeaf84b98cf121fe90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:22:05 GMT
x-content-type-options: nosniff
age: 553018
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97361
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 07:34:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 07:22:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 4552 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 12:40:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 4552 3 KB
1 KB 43ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 16:24:42 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 4552 67 B
91 B 46ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 09:25:27 GMT
x-content-type-options: nosniff
server: cafe
age: 27216
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Fri, 04 Nov 2022 09:25:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 4552 17 KB
7 KB 45ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:35:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4552 153 KB
47 KB 49ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 16:59:03 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 4552 33 KB
13 KB 46ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13493
x-xss-protection: 0
server: cafe
etag: 7904785543377395088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:57:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4552 0
0 62ms
55ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6vB2V_NjY4r_AsGVzAb1-baID6799Jtt6uzHoPUQxf6jr54OEAEgxrHhPGCVqpSCoAegAZyv-6gCyAECqAMByAPJBKoEoAJP0B9Z6A6PcpnjNXFiJ7Qhw94BzdO-ik7I-jYa3-BiC_t_Bumdv5rugAWsTKYtGZ9QSUhfWctHjia01HJarlnw3r3dBpKmvWxcRGMzdhLabhzGQsaxFWWNiSHtBMzWiuSA4DHqPIwSZhlWctq26vSj0du3LLMY43gfjkVJqZGHmqPqJ_DtrMhVohZBw2tG7xbInUrNkjhrU8fFc1eC4ZkBcRMYQeI_k0_i2NSYBFiPUBcgIkforWofYyXT_HCR8BMHu5pjB9jdJp73fBPVE11_nUw0I_3RL7Nt-qVfMHv2CbR0lqgdQmLqS6L9Pf21qakSCCNivafTlMAQ8vy8A3l9ABvocV81KSRm5p3m5HjOGa6bE_ZqDdCvoT4DFSaS3rnABI-lyaaSBJIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJrmCdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgwNzk0MzMzMjYxMTIwMjMYAA&sigh=neF8zw2xBsU&uach_m=[UACH]&cid=CAQSGwDq26N9inkXQbT2s4--mrypbyMiculkCw6HDBgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=280&slotname=3485452081&adk=3787936106&adf=3208735096&pi=t.ma~as.3485452081&w=1200&fwrn=4&fwrnh=100&lmt=1667494742&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742847&bpp=2&bdt=577&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kXK0FQ2qCo&p=https%3A//www.polltab.com&dtd=154
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 16:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Nov 2022 16:59:03 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 466C 143 B
166 B 11ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=90&slotname=4710844668&adk=1524170152&adf=1041980854&pi=t.ma~as.4710844668&w=728&lmt=1667494742&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742836&bpp=11&bdt=566&idt=122&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&correlator=4115655696086&frm=20&pv=2&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6nIxyNt3N6&p=https%3A//www.polltab.com&dtd=159
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D09 143 B
166 B 12ms
11ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8079433326112023&output=html&h=280&slotname=3485452081&adk=3787936106&adf=3208735096&pi=t.ma~as.3485452081&w=1200&fwrn=4&fwrnh=100&lmt=1667494742&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.polltab.com%2Fbracket-poll%2FURhesZuhuQA&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667494742847&bpp=2&bdt=577&idt=151&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4115655696086&frm=20&pv=1&ga_vid=1306534775.1667494743&ga_sid=1667494743&ga_hid=129345856&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070664%2C44775016%2C21066433%2C31060048%2C31065824&oid=2&pvsid=2364989554416404&tmod=1252514405&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kXK0FQ2qCo&p=https%3A//www.polltab.com&dtd=154
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2868 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d58664e3e37964863a920cd8503dda62ee1fe2893a2a69baf377fa7c4addcbcb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4552 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d790e30c2df4533be8f8dccbf86718a5d7970ab1349224a422d806141868178

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 466C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
31ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:03 GMT
expires: Thu, 03 Nov 2022 16:59:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D09
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

75ms
73ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:03 GMT
expires: Thu, 03 Nov 2022 16:59:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A03 36 KB
16 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 13:15:33 GMT

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame AC67 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 13:15:33 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 150 KB
51 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/reactive_library_fy2021.js?bust=31070664

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29a66c2f241cda2f1589a9d646bf7988951fc01253b868715cb84e65bedf8ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52154
x-xss-protection: 0
server: cafe
etag: 6864927924880749178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 16:59:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 65ms
26ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.polltab.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 55ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.polltab.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame 79A5 10 KB
4 KB 27ms
10ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:50:24 GMT
etag: 2424782735605397694
expires: Wed, 16 Nov 2022 18:50:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame CDF1 10 KB
4 KB 15ms
11ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 18:50:24 GMT
etag: 2424782735605397694
expires: Wed, 16 Nov 2022 18:50:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 79A5 4 KB
636 B 87ms
63ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 16:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 16:48:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 16:59:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 79A5 205 B
744 B 74ms
30ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:55:59 GMT
x-content-type-options: nosniff
age: 185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Nov 2023 16:55:59 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 79A5 604 B
694 B 74ms
31ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:38:25 GMT
x-content-type-options: nosniff
age: 1239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Nov 2023 16:38:25 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/ Frame 79A5 19 KB
8 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7963
x-xss-protection: 0
server: cafe
etag: 15183902602499586604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:52:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CDF1 0
0 78ms
72ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcBjtV_NjY-ufC7yNpt8PjO6fMPqpwshsw5io68AQ2tkeEAEgxrHhPGCVqpSCoAegAc2Fk_MCyAECqAMByAPJBKoEhwJP0GHp0EcBSP-VI-4jZqAAbxlkmZ-gkfKy_3hft74KYb218_YjxtwEUCZ44TBCuKB2gKBC8UK7gu5MxVDq8HjCVchrulMACFUxAPI5WhYRw730z1qKKCeWgaczPX0Xv4g-5R22274biMFQ_Nhh9SWhxk74wqXxgQnnOCca7snxIANNsWXSPojW7KTyQWp_AjkPPN0N9gJvqkfhnFe8XlWWjyfdH3ZJBHeODHN4bk-giTHdQboW9rMhOV_kb9uJuFcH1lGlOJI3R-ftgFdVu9Ir0sZkkA4KGETowk1Yy1E5zWYJIKbUkEfnJdaLoKCBcC43-84zQKqH0x6NZsXLK_4nAuOpNonXRcAE5_Ln7_MDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8WirJkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQre0H0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItODA3OTQzMzMyNjExMjAyMxgA&sigh=zczXacNWs4c&uach_m=[UACH]&cid=CAQSGwDq26N9rQyn4iyEERbp5Lc6GKPFqH3TQ5hjPRgBIA4

Requested by

Host: www.polltab.com
URL: https://www.polltab.com/bracket-poll/URhesZuhuQA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 03 Nov 2022 16:59:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame CDF1 23 KB
9 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 12:40:19 GMT

GET
H3 200 7392451588984683216
tpc.googlesyndication.com/simgad/ Frame CDF1 33 KB
33 KB 25ms
21ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7392451588984683216?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnpaaDm5lVPnDa8YocOBFPrR7yRmw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c157c1d8bd2a04781a514405fde0c20298d6ac178aa7ec24f83572bb326e8ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:01:24 GMT
x-content-type-options: nosniff
age: 539860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33590
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 08:22:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 11:01:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame CDF1 3 KB
1 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 16:24:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame CDF1 17 KB
7 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:35:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDF1 153 KB
47 KB 74ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 16:59:04 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame CDF1 33 KB
13 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13493
x-xss-protection: 0
server: cafe
etag: 7904785543377395088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:57:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 134A 143 B
166 B 16ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CDF1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14e95aaa8b833c16666105fe1ff7b3f04bba97e440b6560c5233fed8a92d1b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6ab016790426e7d037bac2fbd741d34d.js Show response
www.gstatic.com/mysidia/ Frame 91DB 9 KB
4 KB 74ms
41ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ab016790426e7d037bac2fbd741d34d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4168
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 22:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 08:51:22 GMT

GET
H3 200 75384146912551e6af92dd4c421709bb.js Show response
www.gstatic.com/mysidia/ Frame 91DB 215 KB
76 KB 75ms
43ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/75384146912551e6af92dd4c421709bb.js?tag=leadgen/snom_video_web

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394f2046caf4c2ec0486b45d258031d0d871a48c5eee744e6161dee2388f931c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 23:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77800
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 18:17:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 23:21:03 GMT

GET
H3 200 f811ceb9b4a6a990ad4105fc3f7ba433.js Show response
www.gstatic.com/mysidia/ Frame 91DB 19 KB
8 KB 70ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 21:10:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 91DB 6 KB
964 B 78ms
56ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b7dbb2f7ef844758c0558d807709bf405677de40ae3fecf9321f32371deabd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Nov 2022 16:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 15:22:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Nov 2022 16:59:04 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 91DB 27 KB
7 KB 52ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 10:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6725
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 04 Nov 2022 10:05:29 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 91DB 51 KB
11 KB 50ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11613
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Nov 2022 19:04:06 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 91DB 18 KB
5 KB 83ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 04:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 04 Nov 2022 04:55:50 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 91DB 103 KB
19 KB 51ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 06:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19915
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 04 Nov 2022 06:19:16 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 91DB 58 KB
10 KB 85ms
65ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 03:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10701
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 04 Nov 2022 03:42:36 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 91DB 31 KB
3 KB 89ms
69ms Stylesheet
text/css 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 10:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3297
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 04 Nov 2022 10:06:06 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 91DB 3 KB
791 B 84ms
64ms Stylesheet
text/css 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 04:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 766
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 04 Nov 2022 04:55:50 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 91DB 2 KB
739 B 88ms
68ms Stylesheet
text/css 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 04 Nov 2022 08:55:00 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 91DB 37 KB
4 KB 85ms
66ms Stylesheet
text/css 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 23:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3940
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Nov 2022 23:05:29 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 91DB 51 KB
5 KB 85ms
66ms Stylesheet
text/css 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4595
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 04 Nov 2022 12:54:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 91DB 2 KB
765 B 93ms
74ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:36:49 GMT

GET
H3 200 d4c03f55785283eeb897d635accfb1d3.js Show response
www.gstatic.com/mysidia/ Frame 91DB 22 KB
9 KB 65ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d4c03f55785283eeb897d635accfb1d3.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b351e6602c6419b58a5675311e1b68d5768f68f2efd537f107bedddbc554ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 00:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9387
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 22:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 00:53:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 91DB 23 KB
9 KB 54ms
35ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
server: cafe
etag: 12585499704757265805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 12:40:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 91DB 3 KB
1 KB 92ms
73ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 16:24:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 91DB 17 KB
7 KB 91ms
73ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
server: cafe
etag: 12747696668401323709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:35:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91DB 153 KB
47 KB 62ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 16:59:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 134A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

28ms
25ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:04 GMT
expires: Thu, 03 Nov 2022 16:59:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame 705D 36 KB
16 KB 59ms
12ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 13:15:33 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 91DB 0
327 B 339ms
111ms Ping
image/gif 2607:f8b0:400c:c34::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~la1bbfn5&c=5275132944169&slotId=2637566472084.5&eee=missing-element&bi=missing-id&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/75384146912551e6af92dd4c421709bb.js?tag=leadgen/snom_video_web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c34::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 16:59:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2868 42 B
64 B 85ms
64ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstUaaBxRGWcWWUaL30bkcgpwjT1Eze2Timv3GKOTwTXhgC8JcDDRqe8WJn4daE42nmiB8wjcrDhpGrgXrBBxFGQw9sltV4v15HD9B1CYaDRSVpzpm2TjMsvuyRLfTcn7_Ed0Q3TA&sai=AMfl-YTIudpH_KYGQ5MBDUYTVQ1p9YuWEWdyYQNRBNto96IVDoXraQBHBuovhQtJDepM7PgEiKrtRZ7hZZTaJyI&sig=Cg0ArKJSzH_AQNSTCPnIEAE&cid=CAQSGwDq26N9b5GH9Gd9-4jBUt3ir8aXr-0krvQpbBgBIA4&id=lidar2&mcvt=1070&p=0,0,90,728&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1524170152&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667494742997&rpt=790&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 16:59:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

206

videoplayback
r4---sn-4g5lznlz.gvt1.com/ Frame 91DB
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=d5a48dc286a742d0&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1667501944&sparams=ip,ipbits,expire,id,...
https://r4---sn-4g5lznlz.gvt1.com/videoplayback?id=d5a48dc286a742d0&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1667501944&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

859 KB
859 KB

122ms
10ms

Media
video/mp4

2a00:1450:4001:27::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5lznlz.gvt1.com/videoplayback?id=d5a48dc286a742d0&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1667501944&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5DDCBB537B526E74FB14B36659718B425DBD3DE8.275649D27AB74D019AA414C2E3F0ADDAC6CD3F2D&key=cms1&cms_redirect=yes&mh=rH&mip=2a01:4a0:2b::11&mm=28&mn=sn-4g5lznlz&ms=nvh&mt=1667493550&mv=u&mvi=4&pl=43

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:27::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

be150783c3b6c037a860020dfb2d44644430b8632a0f0b18b9b426725718473d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 03 Nov 2022 16:59:05 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 13:07:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-879507/879508
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 879508
expires: Thu, 03 Nov 2022 16:59:05 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Nov 2022 16:59:04 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5lznlz.gvt1.com/videoplayback?id=d5a48dc286a742d0&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1667501944&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5DDCBB537B526E74FB14B36659718B425DBD3DE8.275649D27AB74D019AA414C2E3F0ADDAC6CD3F2D&key=cms1&cms_redirect=yes&mh=rH&mip=2a01:4a0:2b::11&mm=28&mn=sn-4g5lznlz&ms=nvh&mt=1667493550&mv=u&mvi=4&pl=43
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 702
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91DB 0
25 B 44ms
44ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCFRvd2VyQWxsCgoIAioGc2VydmVyCi4aIWRpc3BsYXlfbGVhZF9mb3JtX3F1ZXN0aW9uX251bWJlciEAAAAAAAAIQDABCg0QKyEAAAAAAABBQDABEhpDS3FuMVA2OWt2c0NGYnlHNlFVZERQY0hCZyIWbGVhZGdlbi9zbm9tX3ZpZGVvX3dlYigs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 27ms
26ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9b4b27e00b9b0c3e736de97213afa612b8907d4bd1a55a75b2e714ab5f3b331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11379
x-xss-protection: 0

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C4A 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 13:15:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Nov 2022 16:59:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34E1 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:58:30 GMT
expires: Fri, 03 Nov 2023 16:58:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F8B8 783 B
534 B 18ms
18ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

730ab237b929f4fee2decc597a33d70c665d51f757ac9298ddb2e74de061ced6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xbsxXKxLlmUe-SG12FOLAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.polltab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-xbsxXKxLlmUe-SG12FOLAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:59:05 GMT
expires: Thu, 03 Nov 2022 16:59:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame 34E1 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 13:15:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F8B8 0
0 41ms
41ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=2364989554416404&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 34E1 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jZ-uxg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 16:59:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CDF1 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3c7xp5s9S-gY5_mu0Y1XsnD4NTkbYMcqXdQkhkOv3WGj-jnyyENj_Z-cpVmAW7bnXUV48aDKJQUJfTL0JINPWabPrcxHW3jvq2iWRbsB4Pkg5A8x9RMn0BJg0Ej6h813AeKqZ4w&sai=AMfl-YT2rpSPP4WCVptxI8HUDRqukJUUMNNnMVeBV2-smTke_nDQtD01IrVJL4zIC_yyEcPofWKynKYWjgOzy9w&sig=Cg0ArKJSzOsEfrwu634SEAE&cid=CAQSGwDq26N9rQyn4iyEERbp5Lc6GKPFqH3TQ5hjPRgBIA4&id=lidar2&mcvt=1021&p=0,0,124,1005&mtos=167,844,1021,1190,1257&tos=167,677,177,169,67&v=20221102&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667494744428&rpt=189&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 91DB 0
17 B 320ms
110ms Ping
image/gif 2607:f8b0:400c:c34::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~la1bbfne&c=5275132944169&slotId=2637566472084.5&umsem=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/75384146912551e6af92dd4c421709bb.js?tag=leadgen/snom_video_web
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400c:c34::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 16:59:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=2364989554416404&bg=!ExClEFTNAAZPh4lnb4c7ACkAdvg8WjQYY0nteDEqEW8uiDek5G9IcGP6N8-FVBz8-QfBInGAqazYwAIAAAEDUgAAAAJoAQeZAqUw3XlZCsfzQZyJk51oR6knuku5wIJVesI0_mzMi0-rW6bBZYpUP_CzroCXPOP2KlfUnnQygP40s1YFmZTNamJ2BcklM8VRhLjlootSDCfrav4Io75yJ48EHrqY-GAA3CHVa4JXChZiCGXt72GAPeCWpjkzQLgXSH6neUHxp8XvXX2GL_jDNMcyb2IwsES9TfWh1EKyZYM9ID8m9MuV9ffbezV9wz2gewMcifGErzfa9c3LK_RSy0-tP-QLaXktXKsXJ5C8zPXpx340MD8oONw3oqQK_yjTC-pUWWfwKKOU0cFLg-Gaqef_pUiUmRLRHuCll3hDBJZbMqFkS2m9l46Bv_VispwO3yLFo64kNQpATLEzWQDiU0yNd5iRUxLVB8JueJeT8dw0pNoJ-ImnUsNtMCZ657b9fCnHYCRIMy7nDFBIeIkqB-zpQrrSuk9ICPW1SEl-CDhHj9m0XnaBKdZUF_oTE6cy6938ytFVyV3zNv6e0eCc7iHDvcOD5kz1v0EKX8X5CSZg0V3rBQi9WSpcFMBgYEwwzgTqfgulBM9FBgeVlsXiEsJsUkS96EJMltVhgpIZSA5x3C3yBDGtw5O7_90I88PGg_Ign09eYTTbbKPzsJhLOuBdYduwRtaNEZRHRFN5Vj8_CCFD4CDQZyaFhlTmqoRIvhoGnvmLktQ39mlzXcMurBIbLAVcHVA2clu13mg4fsODnShID2Zy_0T7Czes2hLMAsMlGDVFeevtrH3zPGPXMftrIGLn7YNHrmt8bOoDnZlEdVo86ERlhZfhCtHK2LXiFO0YjTgUr47gB65hgQrLg_grJKRKyqOHtfsg2pxUpEm6fmUxB4wYB51zxf8xjCQiEvTHAHNH_B5BGnGxJKcR1FWRzxZHUUkXeREpbqDnzQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.polltab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.polltab.com/	1970-01-20 16:47:34	Name: _ga Value: GA1.2.1306534775.1667494743
.polltab.com/	1970-01-20 07:13:01	Name: _gid Value: GA1.2.1436639949.1667494743
.polltab.com/	1970-01-20 07:11:34	Name: _gat Value: 1
.twix.com/	1970-01-20 07:11:36	Name: __cf_bm Value: L6JzHg7FaN3J91HnTrVnJHbKDdThxpKDX19chwaZuUI-1667494742-0-AaogfOXdlFdFVPOboezE1BN2cBOdWK73xd8aDv7Qx4jQUEiljaEYVY8WsNU+q7FM1fKGNmJRP2xcsoJIONEAvc0=
.snickers.com/	1970-01-20 07:11:36	Name: __cf_bm Value: ugMnZVTPgLKF8PIK2Ft4I4DxQNkbn0uyqSV5wvY.XOQ-1667494742-0-AVkdtFmL8YbunJ9oALiuhbEtv5cQV7gXuuRgC8RU9paoQn+JKyJyHxKYQ2K7sGX9uDgqrQaPXhyuFJt498MJigs=
.3musketeers.com/	1970-01-20 07:11:36	Name: __cf_bm Value: bJjbH1yz7tXMkwYiLDlFIU_S45M2d2SmSaresnn4dL0-1667494743-0-AYmbUkZFwsYb3S+oZ5A6dnHJPhGLmbSup0CUs1160kHdAItCmciQqKgzxSMVZGMrSOj5tQSBITjlz2szRHIy/iY=
.polltab.com/	1970-01-20 16:33:10	Name: __gads Value: ID=18ad640de614f2de-22d5977864ce0098:T=1667494742:RT=1667494742:S=ALNI_Ma2OlvelwzaLPTVulhqMZuBZRnTrg
.polltab.com/	1970-01-20 16:33:10	Name: __gpi Value: UID=00000b7c634d977a:T=1667494742:RT=1667494742:S=ALNI_MatKXYaKm6oXt0cchxp2ImKw___rg
.milkywaybar.com/	1970-01-20 07:11:36	Name: __cf_bm Value: qYpld.v46DgHEnueOrfVLRal1gtb01Arc9QKAmon37w-1667494743-0-AVx68wEXQDA7tEhpEEM6aIGmLOEHv575hp+cMze0qFREDvJWKUVTiFy06ZKVGohu6QLickcQU1xHhfzwEbpalC4=
.doubleclick.net/	1970-01-20 16:33:10	Name: IDE Value: AHWqTUkZ11dqtQGga891yyh92pFf5Nal-y3EsJypKscwkEuDK11TBkp2YGNRaAjJslU
.doubleclick.net/	1970-01-20 07:11:38	Name: DSID Value: NO_DATA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.polltab.com/bracket-poll/URhesZuhuQA Message: Mixed Content: The page at 'https://www.polltab.com/bracket-poll/URhesZuhuQA' was loaded over HTTPS, but requested an insecure element 'http://cdn.shopify.com/s/files/1/0972/7116/products/100_grand_candy_bar_1.5oz_600x.jpg?v=1633467180'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.polltab.com/bracket-poll/URhesZuhuQA Message: Mixed Content: The page at 'https://www.polltab.com/bracket-poll/URhesZuhuQA' was loaded over HTTPS, but requested an insecure element 'http://cdn.shopify.com/s/files/1/0972/7116/products/100_grand_candy_bar_1.5oz_600x.jpg?v=1633467180'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.polltab.com/bracket-poll/URhesZuhuQA Message: Mixed Content: The page at 'https://www.polltab.com/bracket-poll/URhesZuhuQA' was loaded over HTTPS, but requested an insecure element 'http://cdn.shopify.com/s/files/1/0972/7116/products/100_grand_candy_bar_1.5oz_600x.jpg?v=1633467180'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.polltab.com/bracket-poll/URhesZuhuQA Message: Mixed Content: The page at 'https://www.polltab.com/bracket-poll/URhesZuhuQA' was loaded over HTTPS, but requested an insecure element 'http://cdn.shopify.com/s/files/1/0972/7116/products/100_grand_candy_bar_1.5oz_600x.jpg?v=1633467180'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.polltab.com/bracket-poll/URhesZuhuQA Message: Mixed Content: The page at 'https://www.polltab.com/bracket-poll/URhesZuhuQA' was loaded over HTTPS, but requested an insecure element 'http://cdn.shopify.com/s/files/1/0972/7116/products/100_grand_candy_bar_1.5oz_600x.jpg?v=1633467180'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.polltab.com/bracket-poll/URhesZuhuQA Message: Mixed Content: The page at 'https://www.polltab.com/bracket-poll/URhesZuhuQA' was loaded over HTTPS, but requested an insecure element 'http://cdn.shopify.com/s/files/1/0972/7116/products/100_grand_candy_bar_1.5oz_600x.jpg?v=1633467180'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.dribbble.com
cdn.shopify.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i5.walmartimages.com
images.heb.com
m.media-amazon.com
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5lznlz.gvt1.com
redirector.gvt1.com
s7d2.scene7.com
static.polltab.com
target.scene7.com
tpc.googlesyndication.com
upload.wikimedia.org
uploads.dailydot.com
www.3musketeers.com
www.candywarehouse.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.milkywaybar.com
www.polltab.com
www.snickers.com
www.twix.com
142.93.193.153
162.159.134.68
192.229.220.206
23.11.206.25
2600:9000:224a:5e00:13:3e8b:9e80:93a1
2606:4700:4400::6812:2292
2606:4700:4400::6812:23c7
2606:4700:4400::ac40:9919
2606:4700:4400::ac40:9a88
2606:4700::6811:9803
2606:4700::6811:b03e
2607:f8b0:400c:c34::5e
2620:0:862:ed1a::2:b
2a00:1450:4001:27::9
2a00:1450:4001:801::2001
2a00:1450:4001:801::2004
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a02:26f0:3500:58e::9b6
2a02:26f0:3500:596::9b6
2a02:26f0:480:d::210:f145
2a04:4e42::272
02302974dc6c7d0a920ea44a1722461c1def9096efbdea0407a3a5f4acdab320
04abee578d24c91676d9e97e7dcc2c46db2ab3673f8f62d720d6f0cda4ab41a5
0931c1aee877e47045cd73988f75ebd0031ab38e54c0c50c592b75af5405e18a
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930
12e911948e1e352d4c6c7fad7736267a4de8424369f05a860f2085a5a75bfda1
13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7
14e95aaa8b833c16666105fe1ff7b3f04bba97e440b6560c5233fed8a92d1b7b
15e93289ad98142d8eba93fa1b17574e88236d78b4bd90cb9e9c7d35a107a8b3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ec9332d8aa51354e58e49b70efb6cc3c179a7d500e4b1a6f58e01bdf99f4def
23abcb4523106d7378c20374821ec995cd9ecba6e941d4e462660d2f2e66225d
29a66c2f241cda2f1589a9d646bf7988951fc01253b868715cb84e65bedf8ef9
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
3156b7ce90a41242f2c771829a695a0d20ce8d16f4cffd54d516a93c97595fc2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
349544eac2a5e347ebc6e23a6ca44ab6531e59c40f5d337ddddf1270608ce257
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
37aacc1c63ddd50d2c39141c27419fb2a3a581690a3caa73b37238648ec06253
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
394f2046caf4c2ec0486b45d258031d0d871a48c5eee744e6161dee2388f931c
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3a7e3eb2daaa0b2e56c5f45804ed85c386e4d5c9b04e794758a96b43f446ea63
3b7dbb2f7ef844758c0558d807709bf405677de40ae3fecf9321f32371deabd7
3d790e30c2df4533be8f8dccbf86718a5d7970ab1349224a422d806141868178
3dbff3c2693b9441fcfc79491e9e27f9ff876d1a9b3c4f740a55f0d49870a893
416dd1a02a72c0c2f91d5dded408837f3a80372fc41432c4edbd494639f9fdd8
422d55fe797e1c107df22a9e51cf8272a7b720e418eb08aaed5f65e3e4a0487b
4295d4eaeadd4a12aefa6311a883b2cefc5c76f50e008302a6620bd2a2d125de
4368c884d34c82631cca5d5603e04558cb3cbcb5685cf9e76995207edf7a32ff
4c00aefb2f7f738089d512d14532e129519ae602a38eb0e8d4744b1d6a81a447
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f828b22b226d3905bda9865fa9652250aa0ed5a7948ebccf6d816208ad012f2
530232ef564c00772c6ec8a1a91d5ea5ce7fa0c66a9f4c057b0cc8a65043da60
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a57a793736889d6f191fc8a7f94d35ca4a9f436618ab0aeaf84b98cf121fe90
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
702a88e0f8ce37f9edc96fa42f1cc6d5c9d9d733d5204ee8d93f2207076322e2
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
730ab237b929f4fee2decc597a33d70c665d51f757ac9298ddb2e74de061ced6
7897faa822cd17d983b4dc1d31a7e6d2e8181224b5bc82f0016d3875454fc376
7ca49e043f3f33c303715c1fb75acad384ddc4eb8f429951f67ce5c803fb8daa
7fb7e94ede805e4b86ae65f849a45f94bc4919a24a2650be414545ea931e1077
83ac243d595051d06eb37002d70b01925c4c7d25b0ed3c90d545afeb37b1a760
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89946254b22f8cc2ae332cb09ea83dd6458090e7da30e0471c44d9e544fefd76
924d5a305deb850b0603aa84b4c383e600a97a3b5d4e3fa155b8fe2145c77586
932a1c96e4957a07fe6c7dedda7dde85b431b99e2b15f2ba06d7c5b8ba56660d
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5dcd20776418ca11b4d2ca9c8834389bfe591d65549135eedd579113c2a9d3c
aa7a0935f9dcd82d125adca559ee9b6f933d5ef964bcddf7b42526f571169c95
ad54c0b48529c1f302ea8be35ee549d181d00124bb92600d10386518bad9bffa
b355985cbad8dc2e50680487a8cf6d1717944e56138b7572a2b2892eccf81aaa
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bbe4b7003043612db8fa83166de6871fe7237d14100cfc221b13ccb04166229c
bc902ef3f225fa35feb4a33954748724a2e472de1f649ec88abb3ae6a86ac6aa
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be150783c3b6c037a860020dfb2d44644430b8632a0f0b18b9b426725718473d
bf011854d4f031fd1ae7c542facf49cae0f7c3c2d4cfe18f0cff4171a1155741
bff79e9a5d843257820ee774327a5ebae8c95a06f2938696c8d326123758fe71
c157c1d8bd2a04781a514405fde0c20298d6ac178aa7ec24f83572bb326e8ee6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3429b01b4c0d9d856dc4f005a6540e379b0e1d8e54ea0586760ecf6ff099cc0
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c9b4b27e00b9b0c3e736de97213afa612b8907d4bd1a55a75b2e714ab5f3b331
c9f57221a40b9b09db404e48e302c9118514906b2de5761512e2019ce68e7cf6
cac1efab00116f1d17063447514d478e6b2d4a1ea168be3c5c54dcc71fa650c1
cbed180d191735f369fc81403af8bcb490e1d8d9b2b42fa32dac6de8f92d1933
d11f4c570f936db88f898072fcb6689cac427b356821d59e0c08bed5d8df6973
d2dabb77bf9253694040532175116e1810a65d1b7077836da4a7d340a1415243
d49c3b027da63706160683f78bb498b11b6a21f0130cef1ac11d2d2a34dc9565
d58664e3e37964863a920cd8503dda62ee1fe2893a2a69baf377fa7c4addcbcb
d8b76eae04aa02e5cee5c4b8345b9f980f62f0c1f05f080fd88e9b0186ae569b
dfd7857c91daf82d2aef2a255fdc90687f05719592f93f3fd0890f1f5d3ed747
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10686ef1595d15b3256cecfa06f0ab0ef04d362aef0ed6a2902bc0ad9686734
f247584966b2b82d93b6c4360da3d0058da09b5d975aefdc836548dd498e4ab5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6b351e6602c6419b58a5675311e1b68d5768f68f2efd537f107bedddbc554ce
fbbd29b2dfe564448f07bf7c97a41afb14d6d0ce4a2dc6f6718999c4cb3d8973
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

www.polltab.com Open in urlscan Pro 142.93.193.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

99 %HTTPS

87 %IPv6

24 Domains

31 Subdomains

30 IPs

3 Countries

8990 kBTransfer

12464 kBSize

11 Cookies

0 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.polltab.com Open in urlscan Pro
142.93.193.153 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

99 %
HTTPS

87 %
IPv6

24
Domains

31
Subdomains

30
IPs

3
Countries

8990 kB
Transfer

12464 kB
Size

11
Cookies

127 HTTP transactions
3 data transactions