urlscan.io logo urlscan.io
SecurityTrails logo

secure.cdunsigned.com Open in urlscan Pro
104.21.23.118  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.cdunsigned.com/
Submission: On September 26 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 12 domains to perform 101 HTTP transactions. The main IP is 104.21.23.118, located in and belongs to CLOUDFLARENET, US. The main domain is secure.cdunsigned.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 18th 2021. Valid for: a year.
This is the only time secure.cdunsigned.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    104.21.23.118 (None, )

ASN13335 (CLOUDFLARENET, US)
secure.cdunsigned.com
1    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
ajax.googleapis.com
12    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.com
11    13.224.193.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-69.fra2.r.cloudfront.net
ws.sharethis.com
2    18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net
ssl.google-analytics.com
11    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
apis.google.com
encrypted-tbn0.gstatic.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
7    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
3    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googletagservices.com
1    142.250.74.205 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f13.1e100.net
accounts.google.com
2    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
1    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
ssl.gstatic.com
2    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
13    172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
3    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net
fonts.gstatic.com
1    216.58.212.142 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net
encrypted-tbn3.gstatic.com
1    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
encrypted-tbn1.gstatic.com
1    209.140.129.82 (United States)

ASN11643 (EBAY, US)
PTR: rover-public-lvsaz01-1-1.ebay.com
www.ebayadservices.com
1    104.75.89.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-51.deploy.static.akamaitechnologies.com
secureir.ebaystatic.com
Domain Requested by
24 secure.cdunsigned.com secure.cdunsigned.com
13 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 ws.sharethis.com secure.cdunsigned.com
ws.sharethis.com
10 pagead2.googlesyndication.com secure.cdunsigned.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 apis.google.com ws.sharethis.com
apis.google.com
accounts.google.com
5 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
3 www.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google.com apis.google.com
tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 ssl.google-analytics.com secure.cdunsigned.com
2 l.sharethis.com ws.sharethis.com
secure.cdunsigned.com
1 secureir.ebaystatic.com
1 www.ebayadservices.com 1 redirects
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 ssl.gstatic.com accounts.google.com
1 accounts.google.com apis.google.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com secure.cdunsigned.com
101 23

This site contains links to these domains. Also see Links.

Domain
www.cdunsigned.com
www.facebook.com
twitter.com
plus.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
sharethis.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.ebay.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-25 -
2022-08-25		 a year crt.sh

This page contains 13 frames:

Primary Page: https://secure.cdunsigned.com/
Frame ID: 6833AA9CE6115C731FC9ABE7A27C8BE3
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=15&slotname=3854374124&adk=294903504&adf=1258322385&pi=t.ma~as.3854374124&w=468&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866503&bpp=12&bdt=237&idt=91&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&correlator=7422207319706&frm=20&pv=2&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=822&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mR6jY3ftHp&p=https%3A//secure.cdunsigned.com&dtd=104
Frame ID: AE143321292EAF8624C54B1FA24F8E7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Frame ID: 80B98B538B0E8E2EFB7E0BC0EF67902E
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Frame ID: 0FDA52A221CCFA73776D3F1B9D5717A1
Requests: 14 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fsecure.cdunsigned.com&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 54D273663016B5705222164EF8217989
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsecure.cdunsigned.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 31BB9F3EAF1ED48A168690EF67C53043
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Frame ID: 93668501E29485559F0DD411BCBD7863
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Frame ID: 9756F1740AE1E59133296BC47FFFDA8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: C05B85EB114F732DABE6B02A5DE143E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&adk=1812271804&adf=3025194257&lmt=1632629867&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629867495&bpp=1&bdt=1229&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D95b81bc93e748d0a-2215755859c900f1%3AT%3D1632629866%3ART%3D1632629866%3AS%3DALNI_Majv7T_hzt3PvormgJbs5MKvuMf-g&prev_slotnames=3854374124%2C4431810172%2C5908543374&nras=1&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&psts=AGkb-H9KYgFdhnri9IN2VO-RfbbkYqCnkZMiEQEQrLo9G23xHwjVwbXT6W0gor2BdrLwYy7Z9G_sm1szV5U%2CAGkb-H8qWNKNonABId4acreK7wLJI8VU20c78tORomkBym25F5rN2hgRNGxczgJ0HPaf2I-Srkiv3cb7e3o&pvsid=1139829657216753&pem=153&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=16
Frame ID: C6713A861446E98C66C4AF9393F7E915
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B746C88549A05549BCF3B1EBBB9C9910
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D2EF67550E3862D81754DDC4EFECD19
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: B3DE6B3299D711138773BFFC6BCAFEAC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CD Unsigned : New music! Unsigned bands! New CDs! You heard it here first!

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

101
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

23
Subdomains

21
IPs

3
Countries

1658 kB
Transfer

3239 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34ryx8gEQgAkYgQkyCPiLZy55oMCP HTTP 301
  • https://tpc.googlesyndication.com/simgad/12673870504212230304
Request Chain 83
  • https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=711-162166-540511-6&mkcid=4&mkevt=2&mpt=2863356241&gdpr=&gdpr_consent=&siteid=0&adtype=0&size=1x1&ipn=admain2&placement=547447 HTTP 301
  • https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

101 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.cdunsigned.com/ 		34 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6fce29c70a9d3cd4d897dae79b87a382de3031c22696b943f5bb0423798eb0a

Request headers

:method
GET
:authority
secure.cdunsigned.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-type
text/html; charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9pmReErCwKbpCDTZUV1wAmTcHbEVuiEqdE%2BuWBvphuEFlEsm1Msw64Xak0i7ViQoMGgZgCE9f8CpJM5NJoCDT8qbxdBRNKX59%2Bm9PlYMa48Yu18NGy34lneOE8yONlTgd74U0E5Vp0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6949af37797fc28b-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
532596eda4_1580414914.css
secure.cdunsigned.com/ccss/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70979fad625ab9090cde420d3e142628aeede9ec487315594f56492562b27361

Request headers

:path
/ccss/532596eda4_1580414914.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Jan 2020 20:08:34 GMT
server
cloudflare
etag
W/"5e3337c2-3755"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22Shrk2wS1CzlPugrKnJGmEz8%2FfLqZVbKK7CMe7%2Ft2ryQlhPS2j%2Fn2t7%2BefmD1M3JTlevzZFQF4Kaj9A57wqk8S7Tct%2Fd8mbg9hD%2BqjZrcfIjsoFn2B1snaoUNWqw%2BRDyLFM%2B%2FoL40U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6949af3849ffc28b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 26 Oct 2021 04:17:46 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Mon, 26 Sep 2022 04:15:06 GMT
1e5da0f2da_1580414914.js
secure.cdunsigned.com/cjs/ 		200 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdunsigned.com/cjs/1e5da0f2da_1580414914.js
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f619c5be91f7b36a157fdedeb8d343f23a838fd2aee4d8f39fae802f90994e

Request headers

:path
/cjs/1e5da0f2da_1580414914.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Jan 2020 20:08:34 GMT
server
cloudflare
etag
W/"5e3337c2-31ee2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmrFC2PXrXBm09Y9p64ZkJ7L67AblqV2wHIU1HfZX%2Biu%2BYdaIurIDoPwPdoTSxwQODQGLIBsNyzpECnfMbmOTDQY9U5zhvdSaFghFrAuam4vyObMo%2BdZgIYlGqJfogZf%2FJ9XLraIcZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6949af384a00c28b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 26 Oct 2021 04:17:46 GMT
cdu-logo-trans.png
secure.cdunsigned.com/img/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/cdu-logo-trans.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dab5441fc5ea9439d17f4adc60e14e65f0c0597598cff7f56802a44d6ee9a0

Request headers

:path
/img/cdu-logo-trans.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34802
last-modified
Fri, 18 Apr 2014 10:49:20 GMT
server
cloudflare
etag
"53510330-87f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtyGeDwkuy0SaLp%2FEOUROAF85lch9VcHKVK3N8WW%2Fss4gsSrnNIo5mrdFE0gpDrhRCLeNYAcbrhUVCg%2F3jbK%2BPEN37roQMPZBrlmYco%2BQWq0uutNcldgI1frgjf88gpIZTjPJNXxYqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968645c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		109 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
336440f640addce0e04e15262ac45e00b43c736873cde6e843252c96c44df30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39482
x-xss-protection
0
server
cafe
etag
4732099901074970837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Sep 2021 04:17:46 GMT
scorpio-dinner-served.jpg
secure.cdunsigned.com/img/covers/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/scorpio-dinner-served.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ccd0cdee8c57b9ba0bd1fc41aaf8cb863451753d16672c70de56d325152afe6

Request headers

:path
/img/covers/scorpio-dinner-served.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21132
last-modified
Mon, 15 Apr 2013 10:43:44 GMT
server
cloudflare
etag
"516bd9e0-528c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4eZ4YnQMprlVZMvN7zHYJxktx3woMetGOQfSDPcvBurdfKmyB%2F0nMob1j0AL%2F983honuOcG65V6Z8DBwJLjg5gTQz8W%2B%2BUQLdmEf8JHnq4Ala8T%2F63dgnKIETctDCXTIk31HG2RTao%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39686a5c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
loosehounds-then-suddenly.jpg
secure.cdunsigned.com/img/covers/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/loosehounds-then-suddenly.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c809bc80cb236eb22cdb9c474f4cf2a8a8290ba6caf21a8d81575977d6e7df18

Request headers

:path
/img/covers/loosehounds-then-suddenly.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15841
last-modified
Mon, 15 Apr 2013 10:41:54 GMT
server
cloudflare
etag
"516bd972-3de1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tH%2BBK4ECWaxth6UGRQfo1vbleVugy57t4MB6FnYG2JVoFN%2FcPu2gC5kKSbe7drV14StUkkUN9bats4pwad0ICVxOglrBTLCZw%2BO3T%2BmZgDIBnlj%2BLbZY8eXNdlkqoSx%2FWyiJKGVI7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39686d5c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
nelsen-adelard-voodou-by-you.jpg
secure.cdunsigned.com/img/covers/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/nelsen-adelard-voodou-by-you.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d9c8377ce13663396947a1c449913f083e08a0a82108ff8045b21ab717d277

Request headers

:path
/img/covers/nelsen-adelard-voodou-by-you.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22399
last-modified
Tue, 08 Dec 2015 13:25:31 GMT
server
cloudflare
etag
"5666da4b-577f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOsWBNa7ovs999MjVVOMFKrOQmcccAzF1RzgQdzqPJ5Cl4oueBQ2RxwCwssdU5FAEZif2nwsRVyjL2f4Y21PL7MLNTG8S6rocLsiE%2FGDeW9PrzHYPD1E2Be5nPnXa6qBtn1jtiUWulo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968705c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
alex-giordani-essence.jpg
secure.cdunsigned.com/img/covers/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/alex-giordani-essence.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf97dae09e688047925aeb5a6877cbb39a4c2db81baa7026322a86fee666b4f

Request headers

:path
/img/covers/alex-giordani-essence.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11116
last-modified
Mon, 15 Apr 2013 10:38:34 GMT
server
cloudflare
etag
"516bd8aa-2b6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnbJpf2cTp9yl6gj1fBqAapy7ZCeiMaVic8pVSp8uWNnmqqo6FaKnZDEKotwWVAQ2AcJP1LcMZlf6meAXE0g2xX3H%2FD4hg4hGo94gyP1GrIi4rerUCM7s47WVaj84jliDA2LMT%2F%2BwSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968725c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
todd-mcneal-with-emma-lewendon-all-my-good-intentions.jpg
secure.cdunsigned.com/img/covers/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/todd-mcneal-with-emma-lewendon-all-my-good-intentions.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe6b47572eeffd760989907f1d33335c2d32ebc97d12abe305ff2a2c9deac22f

Request headers

:path
/img/covers/todd-mcneal-with-emma-lewendon-all-my-good-intentions.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10920
last-modified
Mon, 15 Apr 2013 10:44:18 GMT
server
cloudflare
etag
"516bda02-2aa8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAwOFKDjZgwCZ6fyac%2Bc%2FTW%2FJY3%2BLM4VVxuHLdmv6El1Kt%2B3KKvendLPQgdPzvGOBlM6VRuprf7h%2Bon%2FAHUtuCR8oh59fYSPyB%2Ft6lETqYfvI9%2FnBcwml0QL6WEymZohRWeSWpOjpWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968735c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
nicky-saunders-reflections.jpg
secure.cdunsigned.com/img/covers/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/nicky-saunders-reflections.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab66a0c168283eef024334d4aba29534a427377c9d28261142f15f62dbd24976

Request headers

:path
/img/covers/nicky-saunders-reflections.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17213
last-modified
Mon, 15 Apr 2013 10:42:34 GMT
server
cloudflare
etag
"516bd99a-433d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJYJSUrAbDlmQG%2BBqcHWjx4FSoXbDE5XEqXz%2BBeDdmpdlEo8qqO4tlecut%2B%2FvHy8RnbeWhnwMPswOh1mEXdgd3OdNCCrCCJNt2h1ACpCC1leE7s7FTeD6gE8DUwDOpIlq0VxsRCW%2Fb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968755c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
the-love-family-when-time-meant-nothing-ep.jpg
secure.cdunsigned.com/img/covers/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/the-love-family-when-time-meant-nothing-ep.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d12a7e9f88ce45449a2a4440423d08040d82f64657851548b5acda1645e964

Request headers

:path
/img/covers/the-love-family-when-time-meant-nothing-ep.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8635
last-modified
Fri, 21 Oct 2016 13:01:20 GMT
server
cloudflare
etag
"580a11a0-21bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Qgn0OcA%2BMllcwuGPrvifS6C5KEyC452%2FF590l7CUksRyJ6lFSfnvzsSE7Vg9Opfh2ADW8vfigupZzEGOWf6piIp%2BDh5TOld6MfECFi58Q80GLvgFUu%2FRGFaARyh2LI03sH%2Bb96I%2FXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968775c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
mark-james-and-the-technicolor-vibe-dangerous-guitars.jpg
secure.cdunsigned.com/img/covers/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/mark-james-and-the-technicolor-vibe-dangerous-guitars.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1e3a4f47f40b7876c800629857888c841908c2234b7880ea8544c1e418ac3b

Request headers

:path
/img/covers/mark-james-and-the-technicolor-vibe-dangerous-guitars.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18373
last-modified
Sat, 03 Sep 2016 10:56:14 GMT
server
cloudflare
etag
"57caac4e-47c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUOSDUGg%2BxH7XDylslEp4OA6bIocfgZHAP0PjedPUHIRqAUBa1W50GpsTdISQTH88%2B%2B4CPA5kEudS25R5jEtMP8VzKePsiSYd53x21MSmsibY%2BOuGIgrgFwNIe5mASczLBPdMSMvMfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968785c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
atomised-virtual-strangers.jpg
secure.cdunsigned.com/img/covers/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/atomised-virtual-strangers.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
692cc545d8abe00deae378bc460f9f73a7f454a49b49eba5db420e883bd75fd7

Request headers

:path
/img/covers/atomised-virtual-strangers.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15939
last-modified
Fri, 03 Jun 2016 11:03:31 GMT
server
cloudflare
etag
"57516403-3e43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWHqQSnbFaT642Dyn6xmu%2BSIWFFqZXj5l3e8d99QohaXmd7%2FhZb5Zc%2FB87CW%2BQAuOOFlLU4JCTMFisMqz6EumkFi51k0XsNCZGy0h4WGNLfWe3wL8GMfaFn9qqFx3rnopg%2FIajVU1vU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968795c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
helder-oliveira-for-eternity.jpg
secure.cdunsigned.com/img/covers/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/helder-oliveira-for-eternity.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec9d7dfdd93ec3dd995676f9434b93a57bacbbb71de3e1695b995d79beb5389

Request headers

:path
/img/covers/helder-oliveira-for-eternity.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7147
last-modified
Mon, 15 Feb 2016 14:58:17 GMT
server
cloudflare
etag
"56c1e789-1beb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1S5Lou1c8Cd2UArqGBPbye1a3OoS0ALLbY6%2Fnd9FflaU1FvckWhWHfdAfIk44YdX%2FaSuWIab7Vwg0eDrKSCrcKZJdK3prGrHbjkHP3%2FBH18Dx2lSXXG4S275gkxLsyCuqR0AB4xE68%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39687a5c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
annmarie-litany-of-the-saints.jpg
secure.cdunsigned.com/img/covers/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/annmarie-litany-of-the-saints.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc648acf97525822df35fbef5c84bf45c870082f2be7e790b4789c071413241

Request headers

:path
/img/covers/annmarie-litany-of-the-saints.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15635
last-modified
Tue, 02 Feb 2016 14:17:06 GMT
server
cloudflare
etag
"56b0ba62-3d13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJAhxkWJRsLmsvuQuN%2FrSDdOBFr5G6j1g0ODJNHH4WGOyIP2zxRNhSz%2FccEAOWo%2BuUEJieqQN7NaMFLcZiMNJ%2ByeJAWHong6WsCPrg96SUEnwJchGCAAbJ3aVBuLHn65%2BtmzqFcv05Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39687b5c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
annmarie-I-love-you-more.jpg
secure.cdunsigned.com/img/covers/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/covers/annmarie-I-love-you-more.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca079c3a95bfe4df7e1111b2594135611b3baf70e44feb546066e77081ee78f4

Request headers

:path
/img/covers/annmarie-I-love-you-more.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14955
last-modified
Tue, 26 Jan 2016 13:42:26 GMT
server
cloudflare
etag
"56a777c2-3a6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmYf4pYmYzG%2FflWBVb2lqdHTU5%2FzthNr7cYLKyw6M3JJgkUxtAk%2FAuPUMZZlgHotY%2F1GjQ4Ja6ttOaTmGCftyrYMRf2RJLsRJIu75h4GEMXEYFJDf0jgg8xDsCH2EdGtP%2BrGZhP1URY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39687c5c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
find_us_on_facebook.png
secure.cdunsigned.com/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/find_us_on_facebook.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aabffb648b42883485ff2f5adaa6ce307dd24e522b3bf071965450309ab7441b

Request headers

:path
/img/find_us_on_facebook.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2434
last-modified
Tue, 13 Mar 2012 11:59:47 GMT
server
cloudflare
etag
"4f5f36b3-982"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRPtAMpKCyzZbA6HZP7xfg8ufB%2BaxdjwoYJPmI%2Bdzw%2Ffjbp%2B%2FmD4zRHjXGcBbDubCrSnhRvJhiYQ1SDelT136Sfbc0yZsUiSpApZmUve4lvjuyAx5jWahjmsXYb5%2FVYe%2FZxbryKK23s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39687d5c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
follow_us_on_twitter.png
secure.cdunsigned.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/follow_us_on_twitter.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a282f8dbd6fb2323f2f4d7d292d83da258dcec485a0ea4cc09880dc45fbbe3

Request headers

:path
/img/follow_us_on_twitter.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5860
last-modified
Tue, 13 Mar 2012 11:59:47 GMT
server
cloudflare
etag
"4f5f36b3-16e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlezJdkocs8SKo9reNkvQYZzCBq13%2FHmPNjjJ%2BK3a9ni7yGrlilkqO7rhSKk3smJWI%2BfeuZUq0HehDgIROf%2FF5vlR363xVuiMN5VcQ5sNI4khYwepeXpjG6hv5W113JwMCk99sauT80%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39687e5c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
google_plus.png
secure.cdunsigned.com/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/google_plus.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99d513ae70dac6c99271d5bf99733a1f70849d0623635d21d547d5294cb18360

Request headers

:path
/img/google_plus.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2526
last-modified
Tue, 13 Mar 2012 11:59:47 GMT
server
cloudflare
etag
"4f5f36b3-9de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joCBtuyTEieVA8eFtHrZXANaDnKkdZB3gLoX5TlTT5K0023bD5Ud6OdkQOuFgyh3dS1dWWXPZzeRGDv8hOiM2UeuNtSdLwedOJbbXycs6tFrbfbbckHF%2Fe1larOWpOMo4okJVpxLCw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39687f5c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
payment_methods.png
secure.cdunsigned.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/payment_methods.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ea6ecff0826b3cf6570d40a2e3ceff6dea46e113f36a8866bb1fa85b4ad47a

Request headers

:path
/img/payment_methods.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6018
last-modified
Tue, 13 Mar 2012 11:59:47 GMT
server
cloudflare
etag
"4f5f36b3-1782"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYbXUexPcXALHGRdTnXm0S1EnXK%2BTCijGeU0aFLtL%2B%2F1smBWWggWGVp60U5ZZ0Nuwf%2BsZUGGX7qVkLuI%2BHGQP2nhoginF3dkuZFAIzx6yyR5FV6cxsaDb8VdiNTv%2B0WWoWfL9jv4iks%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968805c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
buttons.js
ws.sharethis.com/button/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/buttons.js
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
307a78514afff091b8497deeccd07003f864099b4b184edbcfa6b3a640be639a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 05:23:43 GMT
content-encoding
gzip
server
nginx/1.20.1
age
82443
etag
W/"612ef1bd-e72a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
content-length
16417
x-amz-cf-id
9tL0oQo3mazf-9Hkcqi0BkuCveJX8K4pGHZZJ32nFdztkEFabvBFQQ==
expires
Tue, 28 Sep 2021 05:23:43 GMT
background.jpg
secure.cdunsigned.com/img/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/background.jpg
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1952d458dad1b2a0cc515456b0091e0eef0e3f4f468d3942c039db25bad4724

Request headers

:path
/img/background.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
213075
last-modified
Mon, 15 Apr 2013 10:49:14 GMT
server
cloudflare
etag
"516bdb2a-34053"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LvvBSLBXkCUoTqVgbFBmq3NGwQ3DigekSo369Tf2q8IQ9eJfqK1Eno8sxUH%2F%2Fxv2lq1hz%2BynkedP4990NapsfyfbgBOu4tT5uAcYA4JynGIKsF7FbuDx2zWLUn90SAHmv8LsLidKaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968825c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
button-blue.png
secure.cdunsigned.com/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/button-blue.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed3de4f3ca1518e886b165199e2654f0c0cddaecae636240c037b3fd398aa1c7

Request headers

:path
/img/button-blue.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5535
last-modified
Mon, 15 Apr 2013 10:49:14 GMT
server
cloudflare
etag
"516bdb2a-159f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaN2WmUHCUvk5AaZKL3T7Vmof07TIifjOQWJyqc460F4lL1aLpVH%2FD7erUUcmkPhpaf%2FkaFQaYLYyyT%2BMsb5NgRgF%2FqH7b4guzH6gj3uPE%2F3Njh%2FliXsEy%2ByTvcmyseCiXLyFEcl8Qo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af3968835c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/ 		255 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
701de3c4051aa7c7097b5209359dfa919f7bd67cb2a6d54d53706f96163fe894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96563
x-xss-protection
0
server
cafe
etag
7060619430629612648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Sep 2021 04:17:46 GMT
async-buttons.js
ws.sharethis.com/button/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:20:11 GMT
content-encoding
gzip
age
100655
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
18813
server
nginx/1.20.1
etag
W/"612ef1fd-16245"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
MrpCGAw4_2Pin2___DCwf0upm0kLujBB2ZjC43W5TM7wzYS2lTPgWg==
expires
Tue, 28 Sep 2021 00:20:11 GMT
pview
l.sharethis.com/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1632629866534.43763&hostname=secure.cdunsigned.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&title=CD%20Unsigned%20%3A%20New%20music!%20Unsigned%20bands!%20New%20CDs!%20You%20heard%20it%20here%20first!&sop=false&description=The%20biggest%20British%20online%20CD%20store%20for%20unsigned%20bands!%20New%20and%20emerging%20music!%20Discover%20CDs%20by%20the%20hottest%20unsigned%20bands%2C%20released%20by%20the%20bands%20themselves.%20Listen%20to%20tracks%20from%20their%20CDs%20online.%20Sell%20your%20CD%20online.
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 04:17:46 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://secure.cdunsigned.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4819
date
Sun, 26 Sep 2021 02:57:27 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 26 Sep 2021 04:57:27 GMT
back-to-top-arrow.png
secure.cdunsigned.com/img/ 		796 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/back-to-top-arrow.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8945dbe7882b2378f00eced866866c9a3d1f1842f9e94cefbd8b450b7c0ec37d

Request headers

:path
/img/back-to-top-arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
796
last-modified
Fri, 18 Apr 2014 10:49:20 GMT
server
cloudflare
etag
"53510330-31c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od2st13%2BnYQZgWTaG%2FXHkGss%2BU1KRUDqJ%2FRvkLsG8u2N8y51gxCzCDNdvaNLc6jVUptslvNkzM2RCQGaJcMmR2AL9%2BI92MgYWRdixkQ4y6k1P%2FwF8QoSym%2BDjRsYF%2Fw4Sq991Yg3wRk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39d9205c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
menu_arrow.gif
secure.cdunsigned.com/img/ 		61 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.cdunsigned.com/img/menu_arrow.gif
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6364ce957ac0a42c9313de0c28ceb815ed22e36d5f71eb123d6d791eb539dddf

Request headers

:path
/img/menu_arrow.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.cdunsigned.com
referer
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
61
last-modified
Mon, 15 Apr 2013 10:49:14 GMT
server
cloudflare
etag
"516bdb2a-3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7FNCDGhKamn%2B3TzGTL7xzUVKdYLa8Nnf6rPiLh4LWJudcHvkFd8%2BNouRBjh6Kspkx6ZAXaxiaU2MRHEUtpOe2A1Itfj7lSuOO%2FU%2FfcK9dz7ykn3T1up5PAHpRyVv7yHB4tKwcBl0%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6949af39e9295c6e-FRA
expires
Tue, 26 Oct 2021 04:17:46 GMT
buttons-secure.css
ws.sharethis.com/button/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 11:37:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 03:22:38 GMT
server
nginx/1.20.1
age
60013
etag
W/"612ef1fe-5a76"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/css
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
A8VN3EKsNiWP0V80dOcnj_Fih9VlRKF_SrqjWhA3Ls46odkTIPlpeg==
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
ESF /
Resource Hash
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+iWBGOAb19zsV9XkXGy5cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"c34d224d0ee061f3752d1f91e397a052"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-+iWBGOAb19zsV9XkXGy5cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Sun, 26 Sep 2021 04:17:46 GMT
facebook_counter.png
ws.sharethis.com/images/2017/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:34 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
2161812
etag
"612ef1b8-977"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2423
x-amz-cf-id
mCeVjEbQh0pMR1enn9YqVOt7LlBnPog_s2CIRCmhk38XUMtOVH4zCQ==
expires
Thu, 01 Sep 2022 03:47:34 GMT
twitter_counter.png
ws.sharethis.com/images/2017/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/twitter_counter.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:34 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
2161812
etag
"612ef1b8-9ae"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2478
x-amz-cf-id
tfVqWrU07NsQJ99ZaX5t0TXjPjwO5vh5a2rLVKJcANJ8FumP5LdZYg==
expires
Thu, 01 Sep 2022 03:47:34 GMT
email_counter.png
ws.sharethis.com/images/2017/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/email_counter.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
af6c4b21f7b4a51cf290db1dc17ff613cd7db54e14574587bebb6b9cf2a2082d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:34 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
2161812
etag
"612ef1b8-741"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1857
x-amz-cf-id
5K7Dc3FnyuRu3mgZr6sRAdr1Y4nf7XbGkFB5nnwZdo8tNL9q_-94aw==
expires
Thu, 01 Sep 2022 03:47:34 GMT
sharethis_counter.png
ws.sharethis.com/images/2017/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/sharethis_counter.png
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:34 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
2161812
etag
"612ef1b8-a58"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2648
x-amz-cf-id
FH0QYxvB2VyhiYBmRxh1ecniuo8tDxQQsOb9IgSMr1nlhT3PmWIbDA==
expires
Thu, 01 Sep 2022 03:47:34 GMT
myspace_16.png
ws.sharethis.com/images/2017/ 		658 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/myspace_16.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
20340b54ea09c9d922e1fc489c630d6b350007da4d1c05db13c96e93d3a78931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:48:06 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
2161780
etag
"612ef1b8-292"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
658
x-amz-cf-id
oxTwXplm20SsUd74GZU07D73tqV3BKy0LCN_UHMtwdG81QXXBJz6FQ==
expires
Thu, 01 Sep 2022 03:48:06 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1098682970&utmhn=secure.cdunsigned.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=CD%20Unsigned%20%3A%20New%20music!%20Unsigned%20bands!%20New%20CDs!%20You%20heard%20it%20here%20first!&utmhid=406595514&utmr=-&utmp=%2F&utmht=1632629866587&utmac=UA-22407169-1&utmcc=__utma%3D100091420.1344052575.1632629867.1632629867.1632629867.1%3B%2B__utmz%3D100091420.1632629867.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1949893217&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 04:17:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		204 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=secure.cdunsigned.com&callback=_gfp_s_&client=ca-pub-1131770512284883
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b8997711fa3c5fdd9a6addcf838c2cab29c7dd6e112baa484101d0d63d8b2843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=secure.cdunsigned.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AE14 		603 B
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=15&slotname=3854374124&adk=294903504&adf=1258322385&pi=t.ma~as.3854374124&w=468&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866503&bpp=12&bdt=237&idt=91&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&correlator=7422207319706&frm=20&pv=2&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=822&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mR6jY3ftHp&p=https%3A//secure.cdunsigned.com&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1131770512284883&output=html&h=15&slotname=3854374124&adk=294903504&adf=1258322385&pi=t.ma~as.3854374124&w=468&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866503&bpp=12&bdt=237&idt=91&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&correlator=7422207319706&frm=20&pv=2&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=822&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mR6jY3ftHp&p=https%3A//secure.cdunsigned.com&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 26 Sep 2021 04:17:46 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 26-Sep-2021 04:32:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 26 Sep 2021 04:17:46 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632310961004595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 26 Sep 2021 04:17:46 GMT
pview
l.sharethis.com/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1632629866534.43763&hostname=secure.cdunsigned.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&title=CD%20Unsigned%20%3A%20New%20music!%20Unsigned%20bands!%20New%20CDs!%20You%20heard%20it%20here%20first!&sop=false&description=The%20biggest%20British%20online%20CD%20store%20for%20unsigned%20bands!%20New%20and%20emerging%20music!%20Discover%20CDs%20by%20the%20hottest%20unsigned%20bands%2C%20released%20by%20the%20bands%20themselves.%20Listen%20to%20tracks%20from%20their%20CDs%20online.%20Sell%20your%20CD%20online.&description=The%20biggest%20British%20online%20CD%20store%20for%20unsigned%20bands!%20New%20and%20emerging%20music!%20Discover%20CDs%20by%20the%20hottest%20unsigned%20bands%2C%20released%20by%20the%20bands%20themselves.%20Listen%20to%20tracks%20from%20their%20CDs%20online.%20Sell%20your%20CD%20online.&img_pview=true
Requested by
Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 04:17:46 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
ads
googleads.g.doubleclick.net/pagead/ Frame 80B9 		105 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
98326220a0183a780550aa1e150e0ec12071607128ed2bf309fecbaaf5046f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 26 Sep 2021 04:17:47 GMT
server
cafe
content-length
29836
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 26-Sep-2021 04:32:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 26 Sep 2021 04:17:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0FDA 		81 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
b529a626b28bdeead37899ec193eb42bda1804d7e904ca1e7ac449cd533a1b22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 26 Sep 2021 04:17:47 GMT
server
cafe
content-length
26945
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 26-Sep-2021 04:32:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 26 Sep 2021 04:17:47 GMT
cache-control
private
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 22:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51514
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 21 Sep 2022 22:36:41 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
cc8faf4ebe94f92af1aa97b73f052409171ff69671a93028fd57a726d1a49dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 13:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33901
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 22 Sep 2022 13:00:18 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 54D2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fsecure.cdunsigned.com&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
/
Resource Hash
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fsecure.cdunsigned.com&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=Nyw4uqsnvlsxyxs-qiz31fCejmcTicn9gUn5Fe6Gh5bfdziDTHd5heHHyCkCJ9VTVAgZyegr06tVEYW05ido5LeRbOb1mfel93EhPdJ_OvCMMEl8YD92jcke5Xg2NQzl6NZaBMrNI4Lv50WjTvm9sT8yXYZBnQN3T8Ev5euopXU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
content-length
1585
date
Sun, 26 Sep 2021 04:17:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postmessageRelay
accounts.google.com/o/oauth2/ Frame 31BB 		566 B
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsecure.cdunsigned.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f13.1e100.net
Software
ESF /
Resource Hash
2016beacdfc12fd9dd153c0f85a8e607b3f94c329c5e2f2ce8634de32a771c41
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R9jfwCZve4e3mJikSrvVBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsecure.cdunsigned.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=Nyw4uqsnvlsxyxs-qiz31fCejmcTicn9gUn5Fe6Gh5bfdziDTHd5heHHyCkCJ9VTVAgZyegr06tVEYW05ido5LeRbOb1mfel93EhPdJ_OvCMMEl8YD92jcke5Xg2NQzl6NZaBMrNI4Lv50WjTvm9sT8yXYZBnQN3T8Ev5euopXU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Sep 2021 04:17:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-R9jfwCZve4e3mJikSrvVBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 54D2 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fsecure.cdunsigned.com&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apis.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 26 Sep 2021 04:17:46 GMT
2607672972-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 31BB 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2607672972-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsecure.cdunsigned.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 10:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4308
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 20:12:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Sun, 25 Sep 2022 10:12:18 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 31BB 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsecure.cdunsigned.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
ESF /
Resource Hash
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G6gMHEJ4t/MzxiOUCLwprg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"9c5a8574bdf283ce8259de0154ce003e"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-G6gMHEJ4t/MzxiOUCLwprg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Sun, 26 Sep 2021 04:17:46 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame 31BB 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 10:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18128
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 22 Sep 2022 10:24:18 GMT
css
fonts.googleapis.com/ Frame 0FDA 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 03:49:55 GMT
server
ESF
date
Sun, 26 Sep 2021 04:17:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Sep 2021 04:17:47 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 0FDA 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 01:23:59 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 0FDA 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 04:09:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 0FDA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 03:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 03:57:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0FDA 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39662
x-xss-protection
0
server
sffe
etag
"1632310973010379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 26 Sep 2021 04:17:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 0FDA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 03:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 03:28:07 GMT
a05f1579543550f3e279366fb116adbd.js
www.gstatic.com/mysidia/ Frame 0FDA 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 03:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 03:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 22 Dec 2021 03:58:53 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0FDA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COwSgavRPYf_uJ5aZ3gOU4ZegCcG064plvabFzLMOhYjMlI0OEAEgrI3XH2DJBqABqbn_yQPIAQmpAmKyfQCWCH8-qAMByAPLBKoEzAFP0Eg3CkctVKMEUqq1y3LeS8ZqEfGydAyY9Bch7pyeQQMScj_0-tcGp8UXA674GEvqKIv5ke-gr2fT84ALcvWmfvDXmkFxbt2Q-4mXPo7nKIdE-tRclJog_F9_h2HrA4yVApqSDrQyLI015N_wsky0zQ2Y13bj4ugauAvhB7GP-79omPK5OSjqKyrxnDk-2XkoA3ibcb1kUVcWvy8QsZi5sLqinuseIfT4XmGSTEtDmlGXJ3H8wiSTyAldd24nrytGzthiVUU_W6g7YwTABIix-I_dA5IFBAgEGAGSBQQIBRgEoAYugAfPhrc0qAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBDy1wvSCAcIgGEQARgfgAoByAsBuBOIJ9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi0xMTMxNzcwNTEyMjg0ODgzGAA&sigh=wuJmW6Su-No&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 26 Sep 2021 04:17:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 26 Sep 2021 04:17:47 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/12528070486919555234/ Frame 0FDA 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12528070486919555234/downsize_200k_v1?w=195&h=102
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
38e34305de1a0447bb65ef6526dcd650438b43af2715569a941c0ad3e2f143d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 13:51:33 GMT
x-content-type-options
nosniff
age
224774
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4501
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 13:41:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Sep 2022 13:51:33 GMT
truncated
/ Frame 0FDA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0FDA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b36cb4caa2fe00a8f7d57472d28e0a58b68e67444ff99f4861c657859368134c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0FDA 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 08:44:05 GMT
x-content-type-options
nosniff
age
416022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 08:44:05 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0FDA 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:08:17 GMT
x-content-type-options
nosniff
age
432570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 04:08:17 GMT
css
fonts.googleapis.com/ Frame 80B9 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 03:50:16 GMT
server
ESF
date
Sun, 26 Sep 2021 04:17:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Sep 2021 04:17:47 GMT
5e27231aceb2c30417d4aeea800135bf.js
www.gstatic.com/mysidia/ Frame 80B9 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5e27231aceb2c30417d4aeea800135bf.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
221fc39f9a7a3241ddd37b347af8eb6e69f8fe1e41d70038c20c97a4959e3614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 09:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
585297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4751
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 09:11:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sat, 18 Dec 2021 09:42:50 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 80B9 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 01:23:59 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 80B9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 03:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 03:51:27 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 80B9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 04:02:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80B9 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39662
x-xss-protection
0
server
sffe
etag
"1632310973010379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 26 Sep 2021 04:17:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 80B9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 04:05:56 GMT
730400e8020df307e81d4efe9cf79fce.js
www.gstatic.com/mysidia/ Frame 80B9 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 14:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11108
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 05:09:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Fri, 24 Dec 2021 14:00:33 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 80B9 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRcjSKknJgFWTdBpRWTosQ6A3NNIVayayOIUHW2WX4cIl7E3i3-oySzqQPppA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
b58b096c49f5fa1d887977928c3468f020a1f4661174990b973648e8aece4056
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 21:12:36 GMT
x-content-type-options
nosniff
age
111911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36806
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 03:16:46 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 24 Sep 2022 21:12:36 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 80B9 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTVas1Susx6RkYeggw6JKyvcQ_Ckv29qQM16E-o3Gx5ssb8f4PVQMmHmftMsmI&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
f5cd5b257a3656fc1be662a9b3604941d6e75a780fef8c1e1402060943501cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 22:27:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 03:08:18 GMT
server
sffe
age
366596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35319
x-xss-protection
0
expires
Wed, 21 Sep 2022 22:27:51 GMT
truncated
/ Frame 80B9 		400 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86af0a90cd587565cbaeef3ecbf52d08142ce71b616302220e8d763d75a134dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn3.gstatic.com/ Frame 80B9 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT5aVlyO5APWQGXlZ5Ms_4MXcCsg98AxehyvqU32JcQCs5E7vA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
sffe /
Resource Hash
d9bfbd1e3aae723adcf2bd3386b05373ca33f1a8a88916c50f2d957fbd393233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 12:57:01 GMT
x-content-type-options
nosniff
age
487246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22537
x-xss-protection
0
last-modified
Sat, 02 Mar 2019 18:50:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 20 Sep 2022 12:57:01 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 80B9 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR2pk95PKmNvIAQYklFtj7ddNZ0RJ27bb7bbvXSFaNWzYWnFsjI3zaevwNSJro&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
sffe /
Resource Hash
7b7c1f71543c28ccabc123e7e562d46b82d9622d11b160ca14667686a2acbcaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 14:07:05 GMT
x-content-type-options
nosniff
age
137442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21034
x-xss-protection
0
last-modified
Sun, 20 Jun 2021 02:05:29 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 24 Sep 2022 14:07:05 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 80B9 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTMOtmyZofVk5fuIQfTpZNGC_WahGo92W-K1H5brFqDVrqIkgUAmByrmuc8Kg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
231d71f80471397a562303b005c0c89f84f59518bba82f41869174368c3953f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 13:25:51 GMT
x-content-type-options
nosniff
age
226316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46028
x-xss-protection
0
last-modified
Sat, 18 Sep 2021 02:37:55 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 23 Sep 2022 13:25:51 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 80B9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSnYy-qn_N6l4MZ7Uu_LaBUoWuPwZxg02k4HDzTyD3J8YVDpkU&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
c49b4ab65feeb93cc94b64acb77ba48a915985c16ef57758efbf9bf5736661ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Aug 2019 10:25:55 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15696
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 26 Sep 2022 04:17:47 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 80B9 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR3AlQFvQPhUi5tOeEliEq63XjLpETxthCN0SyBxyn-mL5Su6ykTU66kQiGqnM&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
sffe /
Resource Hash
96d1195bbd1c0de89c57a85c08604a98707d5e61160a0ba7789d01868def2644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 06:10:40 GMT
x-content-type-options
nosniff
age
338827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36989
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 00:35:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 22 Sep 2022 06:10:40 GMT
12673870504212230304
tpc.googlesyndication.com/simgad/ Frame 80B9
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34ryx8gEQgAkYgQkyCPiLZy55oMCP
  • https://tpc.googlesyndication.com/simgad/12673870504212230304
110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12673870504212230304
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
ad908f536a4470b3ddc5babc7948dcf53993eea50ccc3d94bcee3010685692d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:13:12 GMT
x-content-type-options
nosniff
age
281075
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112695
x-xss-protection
0
last-modified
Wed, 05 May 2021 19:13:05 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 22:13:12 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 25 Sep 2021 19:58:19 GMT
x-content-type-options
nosniff
server
cafe
age
29968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/12673870504212230304
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Oct 2021 19:58:19 GMT
view_pixel_1x1.gif
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 80B9
Redirect Chain
  • https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=711-162166-540511-6&mkcid=4&mkevt=2&mpt=2863356241&gdpr=&gdpr_consent=&siteid=0&adtype=0&size=1x1&ipn=admain2&placement=547447
  • https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
43 B
487 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-51.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

suppress-x-frame-options
true
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
HIT from include-cache-3:80
akamai-grn
0.8b6656b8.1632629867.240254f
content-length
57
x-xss-protection
1; mode=block
server
ebay server
date
Sun, 26 Sep 2021 04:17:47 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
rlogid
t6q%60uebwh%3D9iptq%60uebwh*g3mo%3A%28rbpv6762-17bae0e1d87-0xdc
access-control-allow-headers
*
expires
Mon, 26 Sep 2022 04:17:47 GMT

Redirect headers

date
Sun, 26 Sep 2021 04:17:47 GMT
server
ebay-proxy-server
strict-transport-security
max-age=31536000
location
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
cache-control
private,no-cache,no-store
x-envoy-upstream-service-time
49
rlogid
t6baubqsodf%3F%3Cumjgcp%60tqjfc*dkvp%3B%28rbpv6713-17c2052c4fa-0x234f
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 80B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CrJdNavRPYcnAJ4OSrATdwY74DIqCtK9l99_R6fcN-uC_oNQBEAEgrI3XH2DJBqABxPa-3wPIAQmoAwHIA8sEqgTBAU_QuDJcA8pxXrXhM9RrSW6UvN2FNqdkQSjjdLl7PTATQv35Xz93VXaKFDGeR4J6QilDkmGXrWUEsXukG1bC8Ze9xaaTNZ9iKpk8lWg17_IqOoS3sSbjvfJ5IUVqybHfb0nsu8U6GQq6602byfSgmBL0WAKztiIwmDZPlgd3qQBo7_xdrterRXW_-k7jsjXrXxWxPNMMasNrFX_5o4qma745UcP0SgXWakuo4Nx4Z_KYHiJJEZLJryOVLdEhl8NBr5_ABJLJkIu1A5IFBAgEGAGSBQQIBRgEoAYugAekicEgqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ7fxh0ggHCIBhEAEYH4AKAcgLAdgTC4gUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTMxNzcwNTEyMjg0ODgzGAA&sigh=QqE4YKFT61c&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 26 Sep 2021 04:17:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
pagead2.googlesyndication.com/bg/ Frame 9366 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&pi=t.ma~as.5908543374&w=120&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866530&bpp=2&bdt=264&idt=102&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7daj9Nr2iD&p=https%3A//secure.cdunsigned.com&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
110112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 24 Sep 2022 21:42:35 GMT
truncated
/ Frame 80B9 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6900af61cc4d62bbf5ccac15b36ee17fc854a136f22c9a8423925d7e632ec005

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 80B9 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 15:49:32 GMT
x-content-type-options
nosniff
age
563295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 15:49:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80B9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIAioGc2VydmVyCgsIASoHYmFubmVyMgoUCAQqEGluZnJhX2NvbnRyb2xfNXAKPhobbWF4aW1hbF90YWdfZXhwZXJpbWVudF9uYW1lKh1GcmVlU2hpcHBpbmdUYWdJY29uRXhwZXJpbWVudDABChQaB3RhZ19pZHMqBy4uZi4uZi4wAQonGhFwcm9kdWN0X2JveF93aWR0aCoQODcuMTU0Mjg1NzE0Mjg1NzABChoaEnByb2R1Y3RfYm94X2hlaWdodCoCODYwAQoZGgxiYXNlX3RhZ19pZHMqBy4uLi4uLi4wARIaQ01tZGdacmttX01DRlFNSml3b2QzYUFEenciHWdwYS9tYXhpbWFsX3YxX29jaF9ob3RmaXhhYmxlKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5e27231aceb2c30417d4aeea800135bf.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 04:17:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b16b1213159a6f04984f8b14fc64686e9be78a9667c5cd9bc51f385588f9b850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49919
x-xss-protection
0
server
cafe
etag
16007989916113433482
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Sep 2021 04:17:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
da83aae6206762d9082ee40965c54d64de5c2c456cfb1b28466172347c694edb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 04:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8490
x-xss-protection
0
-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
pagead2.googlesyndication.com/bg/ Frame 9756 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&pi=t.ma~as.4431810172&w=728&lmt=1632629866&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629866521&bpp=3&bdt=254&idt=101&shv=r20210922&mjsv=m202109210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&pvsid=1139829657216753&pem=153&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjlYnm2iFv&p=https%3A//secure.cdunsigned.com&dtd=105
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
110112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 24 Sep 2022 21:42:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 04:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 26 Sep 2021 04:17:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame C05B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmAneg51yeFmEKGUVLOA6aqbwo4jTEu3oepZ71ppv16KVMpzR1pVxf06zoGB0Y; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 25 Sep 2021 05:23:04 GMT
expires
Sat, 09 Oct 2021 05:23:04 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
82483
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=secure.cdunsigned.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 04:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C671 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&adk=1812271804&adf=3025194257&lmt=1632629867&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629867495&bpp=1&bdt=1229&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D95b81bc93e748d0a-2215755859c900f1%3AT%3D1632629866%3ART%3D1632629866%3AS%3DALNI_Majv7T_hzt3PvormgJbs5MKvuMf-g&prev_slotnames=3854374124%2C4431810172%2C5908543374&nras=1&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&psts=AGkb-H9KYgFdhnri9IN2VO-RfbbkYqCnkZMiEQEQrLo9G23xHwjVwbXT6W0gor2BdrLwYy7Z9G_sm1szV5U%2CAGkb-H8qWNKNonABId4acreK7wLJI8VU20c78tORomkBym25F5rN2hgRNGxczgJ0HPaf2I-Srkiv3cb7e3o&pvsid=1139829657216753&pem=153&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1131770512284883&output=html&adk=1812271804&adf=3025194257&lmt=1632629867&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632629867495&bpp=1&bdt=1229&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D95b81bc93e748d0a-2215755859c900f1%3AT%3D1632629866%3ART%3D1632629866%3AS%3DALNI_Majv7T_hzt3PvormgJbs5MKvuMf-g&prev_slotnames=3854374124%2C4431810172%2C5908543374&nras=1&correlator=7422207319706&frm=20&pv=1&ga_vid=1344052575.1632629867&ga_sid=1632629867&ga_hid=406595514&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062519&oid=3&psts=AGkb-H9KYgFdhnri9IN2VO-RfbbkYqCnkZMiEQEQrLo9G23xHwjVwbXT6W0gor2BdrLwYy7Z9G_sm1szV5U%2CAGkb-H8qWNKNonABId4acreK7wLJI8VU20c78tORomkBym25F5rN2hgRNGxczgJ0HPaf2I-Srkiv3cb7e3o&pvsid=1139829657216753&pem=153&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmAneg51yeFmEKGUVLOA6aqbwo4jTEu3oepZ71ppv16KVMpzR1pVxf06zoGB0Y; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 26 Sep 2021 04:17:47 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 26 Sep 2021 04:17:47 GMT
cache-control
private
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B746 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 25 Sep 2021 19:02:13 GMT
expires
Sun, 25 Sep 2022 19:02:13 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
33334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3D2E 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
0f7bc70725b6d2cb8ad730688e784f9747ca0c3babd75328726bee77353ab7ea
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MEvtBITUSCzN5OIz2wkH8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=Nyw4uqsnvlsxyxs-qiz31fCejmcTicn9gUn5Fe6Gh5bfdziDTHd5heHHyCkCJ9VTVAgZyegr06tVEYW05ido5LeRbOb1mfel93EhPdJ_OvCMMEl8YD92jcke5Xg2NQzl6NZaBMrNI4Lv50WjTvm9sT8yXYZBnQN3T8Ev5euopXU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 26 Sep 2021 04:17:47 GMT
date
Sun, 26 Sep 2021 04:17:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-MEvtBITUSCzN5OIz2wkH8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
pagead2.googlesyndication.com/bg/ Frame B746 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 21:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
110112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 24 Sep 2022 21:42:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3D2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=1139829657216753&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=1139829657216753&bg=!ODulO3_NAAZNQyuQTUM7ACkAdvg8WkphX5Tr9bj_uOxB-q6AhvoR2lwAoORmbUELEfKkAeVgxwFG0gIAAABcUgAAAApoAQcKAC8ZnwA5u9sCHaIjY9YUHLGJxBI6egunjwldvS1vGS2pZK4_bA2Abv1HHT783rCmBpkCvoUSJUltbmWV1yv3dr6CcpvcNGWA3Pgd3-k9qCUgdGlWDGHGtK1SvGPzK8o3fGuADTQTU0SOI9F0l15x4SCMNtl02dqHKNYqB5qEDUJkIeDIiobdON0Tz08Np3QQ4iVs-lVsis-EvWaaB72BGntU5tZS1XaQtztb8LSVjX3SAqVykbxe79sHdgil41xYEdr-DL89To0ur470oATfEm4m5j6xAGHHDezAdDp4CQxydUYbDT8ni0Z0dNPNvqaCWaJQO81xCf0YCMyFvTVN1tPWjQ-HT00vIr5-HQgr7ClG6EBmFH-e6bAdUN2DtUA2vhF6xNrWge2Pl2FNd-W9eCis_Wtz2J-EaSsmafRu-tch1QDYMsydWPEmtMK1MixkLI924X3_1AQAQfKrsYLV1XlfL9J3Fp0aEYhxuJFySZ3hbC14SvLawsuUJ9-VcAzh3U_3BIenmK25WsDg3r2YgPiAEglQtylS53Lzi5fvn6v_RfZooNq2mrtMY_Boh-d1uZYOFIY1DS19XMCXOuvZSYOsMIJF3YLlJ86wQAjpeZMNP9QFFXFSDHDRcY0FoXRh4KZUSx3acpMqIvtj4MFje2S8RgmYG0nEm13Ndei495RYNhhXcl_8FSKxl_Bx4LEWYEcz6rnS7rRi_LmzGPmWl9Ukd0aiwmSG0eKLxtLONRdT0TEZloSs7NCceaWM7IIHpYbZZAvO4Oi1FTGAr7YLdupimHBZB8GAAIU55oxvEte9-NCw0KJzxDczX9LK-o0pyVU8_3GqVC-pVkneIkvj0pgxvjHi-2z136abts3ZRoNtvYlQeqsFIv2K66e6EjKZ0CsUiD0GJ7s4G12IOuVW7_L2b4WSE_wby6Hsq-5Z4-QMpn6fyIFhGsHrw7-NtghGovME3XljAfsDavKHJ3aO5QKkE2o50J8eVqXDLBie4viB9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
index.html
ws.sharethis.com/secure5x/ Frame B3DE 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
b72527a1db29046eca96db1334c69daa214c657f7fd84780cd6f22ca31442918

Request headers

:method
GET
:authority
ws.sharethis.com
:scheme
https
:path
/secure5x/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.cdunsigned.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.cdunsigned.com/

Response headers

content-type
text/html
content-length
4082
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 03:22:38 GMT
server
nginx/1.20.1
x-robots-tag
noindex, nofollow
x-edge-origin-shield-skipped
0
date
Sun, 26 Sep 2021 03:49:09 GMT
etag
W/"612ef1fe-390f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
T60Uf7F538K4M6ObdV23owmLqO3xns6FuT51MwrXRldKpbAoy252eA==
age
1729
stcommon.1f60705adac788a51a8240cf535237b0.js
ws.sharethis.com/secure5x/js/ Frame B3DE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:33 GMT
content-encoding
gzip
server
nginx/1.20.1
age
2161815
etag
W/"612ef1fe-40f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
content-length
5630
x-amz-cf-id
bN4-u6_QMCBAjx_zpMjUH-WliJSPqcCNDkLiYAV7WF-tHqHiH3pTlQ==
expires
Thu, 01 Sep 2022 03:47:33 GMT
st.57e66f577dc25e761b77d256b5e8adb6.js
ws.sharethis.com/secure5x/js/ Frame B3DE 		131 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/js/st.57e66f577dc25e761b77d256b5e8adb6.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-69.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
78f15585a6b2c5a886bbc8aad63848b2a1bbe5dd09b7f26952ce40a48e10a4a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:34 GMT
content-encoding
gzip
server
nginx/1.20.1
age
2161814
etag
W/"612ef1fe-20b17"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
J9oxWQNJIF5APlZSy-MdsrxGqD43ANQOH9ID-bbYzSaCoOoTlMtwdQ==
expires
Thu, 01 Sep 2022 03:47:34 GMT

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| mejs object| previewListener object| playerControl function| showMsg boolean| pp_alreadyInitialized object| Kicksend function| setDisplay function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer object| jQuery191024879446610206313 object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint boolean| switchTo5x boolean| __st_loadLate object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing object| _gaq boolean| doresize object| scroll_pos boolean| hashtag function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog string| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback boolean| openWidget object| iedocmode object| _gat object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| adsbygoogle string| baseURL object| GoogleGcLKhOms function| google_spfd object| google_image_requests string| messageSet

9 Cookies

Domain/Path Name / Value
www.ebayadservices.com/marketingtracking/v1 Name: adguid
Value: 6dfa655189d943408ef39808c5247da5
.secure.cdunsigned.com/ Name: __utma
Value: 100091420.1344052575.1632629867.1632629867.1632629867.1
.secure.cdunsigned.com/ Name: __utmc
Value: 100091420
.secure.cdunsigned.com/ Name: __utmz
Value: 100091420.1632629867.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.secure.cdunsigned.com/ Name: __utmt
Value: 1
.secure.cdunsigned.com/ Name: __utmb
Value: 100091420.1.10.1632629867
.google.com/ Name: NID
Value: 511=Nyw4uqsnvlsxyxs-qiz31fCejmcTicn9gUn5Fe6Gh5bfdziDTHd5heHHyCkCJ9VTVAgZyegr06tVEYW05ido5LeRbOb1mfel93EhPdJ_OvCMMEl8YD92jcke5Xg2NQzl6NZaBMrNI4Lv50WjTvm9sT8yXYZBnQN3T8Ev5euopXU
.cdunsigned.com/ Name: __gads
Value: ID=95b81bc93e748d0a-2215755859c900f1:T=1632629866:RT=1632629866:S=ALNI_Majv7T_hzt3PvormgJbs5MKvuMf-g
.doubleclick.net/ Name: IDE
Value: AHWqTUmAneg51yeFmEKGUVLOA6aqbwo4jTEu3oepZ71ppv16KVMpzR1pVxf06zoGB0Y

1 Console Messages

Source Level URL
Text
network error URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fsecure.cdunsigned.com&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1632629866650&_gfid=I0_1632629866650&parent=https%3A%2F%2Fsecure.cdunsigned.com&pfname=&rpctoken=36608085
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
ajax.googleapis.com
apis.google.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
secure.cdunsigned.com
secureir.ebaystatic.com
ssl.google-analytics.com
ssl.gstatic.com
tpc.googlesyndication.com
ws.sharethis.com
www.ebayadservices.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.21.23.118
104.75.89.51
13.224.193.69
142.250.184.194
142.250.185.110
142.250.185.136
142.250.185.170
142.250.186.106
142.250.186.130
142.250.186.131
142.250.186.34
142.250.186.67
142.250.186.68
142.250.74.205
172.217.16.129
172.217.16.142
172.217.18.98
172.217.23.99
18.198.109.212
209.140.129.82
216.58.212.142
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02d12a7e9f88ce45449a2a4440423d08040d82f64657851548b5acda1645e964
0f7bc70725b6d2cb8ad730688e784f9747ca0c3babd75328726bee77353ab7ea
0fc648acf97525822df35fbef5c84bf45c870082f2be7e790b4789c071413241
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
2016beacdfc12fd9dd153c0f85a8e607b3f94c329c5e2f2ce8634de32a771c41
20340b54ea09c9d922e1fc489c630d6b350007da4d1c05db13c96e93d3a78931
221fc39f9a7a3241ddd37b347af8eb6e69f8fe1e41d70038c20c97a4959e3614
231d71f80471397a562303b005c0c89f84f59518bba82f41869174368c3953f5
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55
307a78514afff091b8497deeccd07003f864099b4b184edbcfa6b3a640be639a
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
336440f640addce0e04e15262ac45e00b43c736873cde6e843252c96c44df30a
33a282f8dbd6fb2323f2f4d7d292d83da258dcec485a0ea4cc09880dc45fbbe3
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
38e34305de1a0447bb65ef6526dcd650438b43af2715569a941c0ad3e2f143d6
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
6364ce957ac0a42c9313de0c28ceb815ed22e36d5f71eb123d6d791eb539dddf
6900af61cc4d62bbf5ccac15b36ee17fc854a136f22c9a8423925d7e632ec005
692cc545d8abe00deae378bc460f9f73a7f454a49b49eba5db420e883bd75fd7
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
701de3c4051aa7c7097b5209359dfa919f7bd67cb2a6d54d53706f96163fe894
70979fad625ab9090cde420d3e142628aeede9ec487315594f56492562b27361
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
78f15585a6b2c5a886bbc8aad63848b2a1bbe5dd09b7f26952ce40a48e10a4a0
7b7c1f71543c28ccabc123e7e562d46b82d9622d11b160ca14667686a2acbcaf
7ccd0cdee8c57b9ba0bd1fc41aaf8cb863451753d16672c70de56d325152afe6
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86af0a90cd587565cbaeef3ecbf52d08142ce71b616302220e8d763d75a134dc
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
88d9c8377ce13663396947a1c449913f083e08a0a82108ff8045b21ab717d277
8945dbe7882b2378f00eced866866c9a3d1f1842f9e94cefbd8b450b7c0ec37d
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
95ea6ecff0826b3cf6570d40a2e3ceff6dea46e113f36a8866bb1fa85b4ad47a
96d1195bbd1c0de89c57a85c08604a98707d5e61160a0ba7789d01868def2644
98326220a0183a780550aa1e150e0ec12071607128ed2bf309fecbaaf5046f21
99d513ae70dac6c99271d5bf99733a1f70849d0623635d21d547d5294cb18360
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aabffb648b42883485ff2f5adaa6ce307dd24e522b3bf071965450309ab7441b
ab66a0c168283eef024334d4aba29534a427377c9d28261142f15f62dbd24976
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ad908f536a4470b3ddc5babc7948dcf53993eea50ccc3d94bcee3010685692d3
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
af6c4b21f7b4a51cf290db1dc17ff613cd7db54e14574587bebb6b9cf2a2082d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16b1213159a6f04984f8b14fc64686e9be78a9667c5cd9bc51f385588f9b850
b1952d458dad1b2a0cc515456b0091e0eef0e3f4f468d3942c039db25bad4724
b36cb4caa2fe00a8f7d57472d28e0a58b68e67444ff99f4861c657859368134c
b529a626b28bdeead37899ec193eb42bda1804d7e904ca1e7ac449cd533a1b22
b58b096c49f5fa1d887977928c3468f020a1f4661174990b973648e8aece4056
b6fce29c70a9d3cd4d897dae79b87a382de3031c22696b943f5bb0423798eb0a
b72527a1db29046eca96db1334c69daa214c657f7fd84780cd6f22ca31442918
b8997711fa3c5fdd9a6addcf838c2cab29c7dd6e112baa484101d0d63d8b2843
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
c49b4ab65feeb93cc94b64acb77ba48a915985c16ef57758efbf9bf5736661ed
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c7f619c5be91f7b36a157fdedeb8d343f23a838fd2aee4d8f39fae802f90994e
c809bc80cb236eb22cdb9c474f4cf2a8a8290ba6caf21a8d81575977d6e7df18
ca079c3a95bfe4df7e1111b2594135611b3baf70e44feb546066e77081ee78f4
cc8faf4ebe94f92af1aa97b73f052409171ff69671a93028fd57a726d1a49dd9
cf1e3a4f47f40b7876c800629857888c841908c2234b7880ea8544c1e418ac3b
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d9bfbd1e3aae723adcf2bd3386b05373ca33f1a8a88916c50f2d957fbd393233
da83aae6206762d9082ee40965c54d64de5c2c456cfb1b28466172347c694edb
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
e1dab5441fc5ea9439d17f4adc60e14e65f0c0597598cff7f56802a44d6ee9a0
e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ed3de4f3ca1518e886b165199e2654f0c0cddaecae636240c037b3fd398aa1c7
eec9d7dfdd93ec3dd995676f9434b93a57bacbbb71de3e1695b995d79beb5389
f5cd5b257a3656fc1be662a9b3604941d6e75a780fef8c1e1402060943501cf0
fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95
fbf97dae09e688047925aeb5a6877cbb39a4c2db81baa7026322a86fee666b4f
fe6b47572eeffd760989907f1d33335c2d32ebc97d12abe305ff2a2c9deac22f