banks.org Open in urlscan Pro
2607:f1c0:100f:f000::253 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://banks.org/
Submission: On January 19 via api (January 19th 2023, 8:41:58 pm UTC) from US — Scanned from DE

Summary HTTP 205 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 27 domains to perform 205 HTTP transactions. The main IP is 2607:f1c0:100f:f000::253, located in United States and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is banks.org.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 17th 2022. Valid for: a year.

This is the only time banks.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	2607:f1c0:100... 2607:f1c0:100f:f000::253	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
7 19	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.210.92.129 52.210.92.129	16509 (AMAZON-02) (AMAZON-02)
40	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	52.29.44.102 52.29.44.102	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:bc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7780:b826:cff2:4f34:22ea	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:3fa2:8fc7:943c:2dee	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.190.25.25 35.190.25.25	() ()
205	28

41 2607:f1c0:100f:f000::253 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

banks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 216.58.212.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.21 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.92.129 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-92-129.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.44.102 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-44-102.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:bc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7780:b826:cff2:4f34:22ea (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:3fa2:8fc7:943c:2dee (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.25.25 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	513 KB
41	banks.org banks.org	822 KB
40	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	473 KB
33	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	129 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 799 static.adsafeprotected.com — Cisco Umbrella Rank: 633 dt.adsafeprotected.com — Cisco Umbrella Rank: 591	98 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	6 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	138 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 207 secure.adnxs.com — Cisco Umbrella Rank: 413	7 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	143 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 721 r.turn.com — Cisco Umbrella Rank: 3102	869 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8470	957 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	mixpanel.com api-js.mixpanel.com	367 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 780	75 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442	586 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 301	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2725	104 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 691	383 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306	508 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1592	350 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 554	577 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 636	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	692 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2831	18 KB
205	27

	Domain	Requested by
41	banks.org	banks.org
40	s0.2mdn.net	banks.org s0.2mdn.net googleads.g.doubleclick.net
37	pagead2.googlesyndication.com	banks.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
19	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net banks.org
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	banks.org
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	x.bidswitch.net	2 redirects
2	fw.adsafeprotected.com	1 redirects banks.org
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fonts.googleapis.com	banks.org googleads.g.doubleclick.net
1	api-js.mixpanel.com	cdn.mxpnl.com
1	secure.adnxs.com	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com	banks.org
1	ad.turn.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.mxpnl.com	banks.org
205	37

This site contains no links.

Subject Issuer	Validity	Valid
*.banks.org Encryption Everywhere DV TLS CA - G1	`2022-11-17` - `2023-11-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.mixpanel.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-28` - `2023-04-28`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://banks.org/
Frame ID: 98307D60945717573FD68EE890A0B645
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html
Frame ID: 1C245F7929AF501E9F1F30AB6F915857
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&adk=1812271804&adf=3025194257&lmt=1673452314&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fbanks.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912418&bpp=9&bdt=1465&idt=318&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3179884074230&frm=20&pv=2&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=344
Frame ID: A7D75AF59C081DCCF8C7A6741B27DAB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=4144480424&adf=1612389005&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=1200x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912427&bpp=2&bdt=1473&idt=345&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Rp3dLKmVqB&p=https%3A//banks.org&dtd=349
Frame ID: A441136428F0FE8E13E931B53520D942
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Frame ID: 3BA6D49B223805EC6B8E5369589FA94C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322
Frame ID: A0058F52AE2B62AEF5787598A26C194B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnfyZyAEwAQ&v=APEucNVuKWVMRUUKGIp-IIlNtm269kM7xiPE_-4KzPsHlpTh1q9gTu_mX8ecABmz8ADjvcuw3GucpSmp-EHkdu1sKAoJhUd_OeRhHQyZze5npkQP-TIDHKxo528CI4WrMK-r7iidLNMnyjO26BDPEgVWJI3DCiuBERrW5FzE8FWRI2m58qEpVRk
Frame ID: B199FE41B7194EA0CBC3579E8CA950F9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E7D832F9BAAAF8BFFC08F9D5116AB890
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 35634D74C6951571D423556CE417E7A8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 756C2615756EC7CA1D190698C12607D7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
Frame ID: F896BEAADB1E38B34964EBA71A35575D
Requests: 23 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 56B74924C49FCF7533CD084FB58A0E18
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 97863E50F874DDC19D0C7B7DCCE864E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNX7T2luxdPsrSnRwfw-UFEHmFI6x96iA3c-r9eDwvpOYCSlb1tJJPj4ESTT_kPkLAdbDNbUzbocvLo9mGJxfcCP0ONZVQcTTo0CKtooFgDPNChF2RzR9AZEyWu2kZSrWnd4ZbX_GKrWAYvt9oa-5Lc4AicGbAeJoYZlgHTxeMHkzG5FPRw
Frame ID: 7ECBF22AF17BE3DD28DB3FCD586B6F8D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0C35B29E1CECE135F29DACEC2A7FCB58
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 0D24293F30ED6FCD7AE26717FF980B3F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
Frame ID: 676DD2DE5A21F51A7E1140A30CDC29E4
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B27A84508C76C4C94C847BC50811181
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0DFC04CB149923F6FC574A4A48DB190E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 1DBC904871FF5BFC0324ACDBC776F182
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9589285B3187C6A162EF6981E4F1702
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 623CC78FCC616104D0645F1902962CCE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banks.org

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

205
Requests

91 %
HTTPS

56 %
IPv6

27
Domains

37
Subdomains

28
IPs

7
Countries

2344 kB
Transfer

4939 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1&C=1

Request Chain 68

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8mrEf7EB-.Db7oPEgSXZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1&google_hm=2

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFaHxn5If8C9FDxijMJpDP8&google_cver=1

Request Chain 70

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D

Request Chain 83

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGRhWbDmbaUPVvkFpZJ0EFA&google_cver=1&google_push=AavPq0OJvBJdzgkoJ-mpNMMuAerPtDxJjkcybx47VtE4S8Zqu4R72H1K-imalMc2oPACi24_BGBF6rsOsRIKemTIZomemHmnPYWeZla92MRIhBLH8pfIino-pAiOzhy-1aI-k5pAjd12r6hFcr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGRhWbDmbaUPVvkFpZJ0EFA&google_push=AavPq0OJvBJdzgkoJ-mpNMMuAerPtDxJjkcybx47VtE4S8Zqu4R72H1K-imalMc2oPACi24_BGBF6rsOsRIKemTIZomemHmnPYWeZla92MRIhBLH8pfIino-pAiOzhy-1aI-k5pAjd12r6hFcr8

Request Chain 84

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENhg-K-BnRd7yvB108Zjl5A&google_cver=1&google_push=AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dCF923TkHGQ4ZG1UaibBZTtbvwWF5oZDm8qZUAMgwwCxW9D-9Q4I9nsMRJN8Ysc HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENhg-K-BnRd7yvB108Zjl5A&google_cver=1&google_push=AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dCF923TkHGQ4ZG1UaibBZTtbvwWF5oZDm8qZUAMgwwCxW9D-9Q4I9nsMRJN8Ysc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dCF923TkHGQ4ZG1UaibBZTtbvwWF5oZDm8qZUAMgwwCxW9D-9Q4I9nsMRJN8Ysc&google_hm=lLC3dhYRQVi_YXF6ChGZBQ==

Request Chain 86

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAeBTqf7hScNHxEm5XQ_r4s&google_cver=1&google_push=AavPq0PwIvHbz6Q1a_SSQbX1RFN7VSsDXFqoohsAi_Xj10Ls_XVx9EZOIXejF--cJKYLmJDSoPmm0xId-vMFSofxY-xINglqq5TXVwzU42iCRuFBhWuAcfo7rJC9EDW8651sKfaHDrKLhbk0cOY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQzSzZLTkMtMVYtMTVVWg==&google_push=AavPq0PwIvHbz6Q1a_SSQbX1RFN7VSsDXFqoohsAi_Xj10Ls_XVx9EZOIXejF--cJKYLmJDSoPmm0xId-vMFSofxY-xINglqq5TXVwzU42iCRuFBhWuAcfo7rJC9EDW8651sKfaHDrKLhbk0cOY

Request Chain 87

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPyGdhyk9sa1Hso-F9bgLnI&google_cver=1&google_push=AavPq0N2DBSMAvs0F4EDIY2qJ84XCoi5R_6DZzKrxBFlTDjRgBTIcZ-2KAShlY1zKtPzR4oPpebaLuFOQi6K-LWFQC0im4Y07do2jrMOqbk4xpZZJpUVMNiAttS7CuNPeSD5uciqKfG0hu17S9E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N2DBSMAvs0F4EDIY2qJ84XCoi5R_6DZzKrxBFlTDjRgBTIcZ-2KAShlY1zKtPzR4oPpebaLuFOQi6K-LWFQC0im4Y07do2jrMOqbk4xpZZJpUVMNiAttS7CuNPeSD5uciqKfG0hu17S9E

Request Chain 88

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIGYnjjjeIDr0DylWZuyt2c&google_cver=1&google_push=AavPq0NLk3UNe8DflkuPhp03CVh_y_GdoQw3ktz6ARB8qhZQ7flazZz1TNBY0_PIvGdu2DXuokR7YutBiIHxQGMoLAFfWlFy2bKMxv9gZvfjsrmkFE1a2bVbdcxJzpxMPAPu3EaZkTjWrA9eJEhx HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIGYnjjjeIDr0DylWZuyt2c&google_cver=1&google_push=AavPq0NLk3UNe8DflkuPhp03CVh_y_GdoQw3ktz6ARB8qhZQ7flazZz1TNBY0_PIvGdu2DXuokR7YutBiIHxQGMoLAFfWlFy2bKMxv9gZvfjsrmkFE1a2bVbdcxJzpxMPAPu3EaZkTjWrA9eJEhx&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Sa1E4U2N0RTJ1RU9LZ09zQU9Hc05YcTVRbkhnOEI1SX5B&google_push=AavPq0NLk3UNe8DflkuPhp03CVh_y_GdoQw3ktz6ARB8qhZQ7flazZz1TNBY0_PIvGdu2DXuokR7YutBiIHxQGMoLAFfWlFy2bKMxv9gZvfjsrmkFE1a2bVbdcxJzpxMPAPu3EaZkTjWrA9eJEhx

Request Chain 101

https://fw.adsafeprotected.com/rfw/st/886862/62196421/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_EavJY42jKJq79u8PzJKf2AM&cbFunctionName=goog_wrapCb_EavJY42jKJq79u8PzJKf2AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbanks.org&adsafe_type=g&adsafe_url=https%3A%2F%2Fbanks.org%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9300874048195348%26output%3Dhtml%26h%3D600%26adk%3D2873357176%26adf%3D4272239003%26pi%3Dt.aa~a.2432572741~rp.4%26w%3D263%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1673452314%26rafmt%3D1%26to%3Dqs%26pwprc%3D3371083428%26format%3D263x600%26url%3Dhttps%253A%252F%252Fbanks.org%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1674160912987%26bpp%3D1%26bdt%3D2033%26idt%3D1%26shv%3Dr20230118%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D19573434241cd5ba-225c363054db0054%253AT%253D1674160912%253ART%253D1674160912%253AS%253DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw%26gpic%3DUID%253D00000ba590a504ac%253AT%253D1674160912%253ART%253D1674160912%253AS%253DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D3179884074230%26frm%3D20%26pv%3D1%26ga_vid%3D161532453.1674160913%26ga_sid%3D1674160913%26ga_hid%3D2098212004%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1108%26ady%3D4512%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44779793%252C31071579%26oid%3D2%26pvsid%3D4026102940876832%26tmod%3D618377683%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3D0EY4EDvagM%26p%3Dhttps%253A%2F%2Fbanks.org%26dtd%3D21&adsafe_type=bed&adsafe_jsinfo=,id:e4b4cd08-c601-a27c-6984-4476bd0d3108,c:1Mi73m,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc769c4d9-mq72j,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:ttq8A2v+11%7C12%7C13%7C141*.886862-62196421%7C1411%7C1412%7C14131%7C1414%7C15,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:b52b8757-9839-11ed-9a10-8e6f8cdc6cbe,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR-F3iOThiD6wvUaHskLx4&google_cver=1

Request Chain 146

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8mrEf7EB-.Db7oPEgSXZwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR-F3iOThiD6wvUaHskLx4&google_cver=1&google_hm=2

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKswlk69_3tJRqT1xd677do&google_cver=1

Request Chain 148

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D

Request Chain 178

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA607MDK2qGS49Y_kwZxxhU&google_cver=1&google_push=AavPq0M-cpDV9EpuUj1RRKxq538WpF7OaylRmDh14H15LpXe5mGDAo_l6sTsFU5hDik3Ych0krS3Y6-1W27eKleJfT_beQpFyYus HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk0Mjc4ODk4MzQyNzc2MzAwOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA607MDK2qGS49Y_kwZxxhU&google_cver=1

Request Chain 181

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGxYBhxp_55q09sMq3kH4pY&google_cver=1&google_push=AavPq0PMbVJ5khgzr10BeUCkkG92MdEVnNWntJg53dMe_6KnlPj-WJFDYsaZf7Tgjdy92fDwLi3I1-nxgQb_vkg1660uRW7IZwej4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDQ2NjM3Mzg5NTUxODM0OA%3D%3D&google_push=AavPq0PMbVJ5khgzr10BeUCkkG92MdEVnNWntJg53dMe_6KnlPj-WJFDYsaZf7Tgjdy92fDwLi3I1-nxgQb_vkg1660uRW7IZwej4w

Request Chain 182

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEM_R6OYWNfcGGx_UuTWKXKQ&google_cver=1&google_push=AavPq0NyAm9He-ImiPwyzFE8dsgYPEWh-e7kvmNkQUzLXPNPA1CK8z70xGnXxtQ-cKmigaUXPnHOiZnIBVkNKITNnd2w0gnC9oW49A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NyAm9He-ImiPwyzFE8dsgYPEWh-e7kvmNkQUzLXPNPA1CK8z70xGnXxtQ-cKmigaUXPnHOiZnIBVkNKITNnd2w0gnC9oW49A&google_hm=eS1jSi4xMlp0RTJwRWZLWVhWbHg1UVBFT3Q5QWVzeVQ3YX5B

Request Chain 184

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEinBMFuGrM-ebLOsi6Ccag&google_cver=1&google_push=AavPq0PIvPe_A55zwkss1A07HBCogX8uwLTnGJEWK_sbRTxtvXCXVV2jDKsjhzvqNfr6oHzSxF1Ub6SuTyt41fvNMWi5C-Pf7awXUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D&google_gid=CAESEEinBMFuGrM-ebLOsi6Ccag&google_cver=1&google_push=AavPq0PIvPe_A55zwkss1A07HBCogX8uwLTnGJEWK_sbRTxtvXCXVV2jDKsjhzvqNfr6oHzSxF1Ub6SuTyt41fvNMWi5C-Pf7awXUg

205 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
banks.org/ 114 KB
20 KB 1057ms
348ms Document
text/html 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: cbe8c763a9ec6bd3cad599d7716d01309fd0a922f3b7f52d943bcb1ecb5e27af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 20206
content-type: text/html; charset=UTF-8
date: Thu, 19 Jan 2023 20:41:50 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Wed, 11 Jan 2023 15:51:54 GMT
pragma: no-cache
server: Apache
vary: User-Agent,Accept-Encoding

GET
H2 200 style.min.css
banks.org/wp-includes/css/dist/block-library/ 93 KB
16 KB 247ms
242ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "172a9-5f1fc37b30ef8-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 16136
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 classic-themes.min.css
banks.org/wp-includes/css/ 217 B
424 B 256ms
251ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "d9-5f1fc37b66a60-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 189
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 wpautoterms.css
banks.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
435 B 410ms
405ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:37:10 GMT
server: Apache
etag: "223-5f1fc4251d9f6-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 199
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 styles.css
banks.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 255ms
250ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:35:52 GMT
server: Apache
etag: "af3-5f1fc3db39dd0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1074
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 mashsb.min.css
banks.org/wp-content/plugins/mashsharer/assets/css/ 46 KB
29 KB 306ms
302ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.8.7
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:13 GMT
server: Apache
etag: "b6e3-5f1fc3eebf1fd-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 29666
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 wpp.css
banks.org/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
856 B 247ms
242ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:37:02 GMT
server: Apache
etag: "688-5f1fc41e0defd-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 620
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 virtue.css
banks.org/wp-content/themes/virtue/assets/css/ 199 KB
47 KB 460ms
456ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/css/virtue.css?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 44352f2782055e78f474b678b4fb93ba8f39473a3480015c4b4f5de6906d6323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "31afa-5f21bcc35983f-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 47351
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 default.css
banks.org/wp-content/themes/virtue/assets/css/skins/ 4 KB
2 KB 412ms
407ms Stylesheet
text/css 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/css/skins/default.css?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 26c0ff25452c0df38cba6be960ed2632117c62a45bbb78d84c15edd9fe09d0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "fb1-5f21bcc34cd1d-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1438
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 104ms
52ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=1672623260

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8278753710ce6e939a0c82614bbb441c5167b67f10ac6f768a84e0f910410e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 20:41:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 20:41:51 GMT

GET
H2 200 jquery.min.js Show response
banks.org/wp-includes/js/jquery/ 88 KB
36 KB 590ms
343ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:13 GMT
server: Apache
etag: "15e54-5f1fc37c2de00-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 36199
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 jquery-migrate.min.js Show response
banks.org/wp-includes/js/jquery/ 11 KB
5 KB 558ms
311ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:44:01 GMT
server: Apache
etag: "2bd8-5c8c4607b8b23-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 4563
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 regenerator-runtime.min.js Show response
banks.org/wp-includes/js/dist/vendor/ 6 KB
3 KB 1219ms
218ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "194b-5f1fc37be1b34-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 2641
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 wp-polyfill.min.js Show response
banks.org/wp-includes/js/dist/vendor/ 17 KB
7 KB 634ms
380ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "459f-5f1fc37be2ad4-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 7347
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 dom-ready.min.js Show response
banks.org/wp-includes/js/dist/ 498 B
577 B 622ms
368ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:12 GMT
server: Apache
etag: "1f2-5f1fc37bec715-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 331
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 base.js Show response
banks.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 720 B
550 B 996ms
353ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.5.0
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:37:11 GMT
server: Apache
etag: "2d0-5f1fc425ee9d7-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 304
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 script.js Show response
banks.org/wp-content/plugins/shortcode-for-current-date/dist/ 1011 B
762 B 642ms
226ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/shortcode-for-current-date/dist/script.js?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 42a3e7eb21772042631226aa59844d39505b17934593db5ebf7a4f4681c36bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:28 GMT
server: Apache
etag: "3f3-5f1fc3fd72f08-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 516
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 mashsb.min.js Show response
banks.org/wp-content/plugins/mashsharer/assets/js/ 4 KB
2 KB 639ms
223ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.8.7
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 876f181150664af9e30a4c1da6f8f95eb462aebeb8781db732ff6bc48a1f6632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:13 GMT
server: Apache
etag: "114d-5f1fc3eecdc5f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1620
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 wpp.min.js Show response
banks.org/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 637ms
222ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:37:02 GMT
server: Apache
etag: "bd7-5f1fc41e14c5e-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1421
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 175ms
84ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9300874048195348

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fdd3111748775b4f8f58e0a3709c648da314d1b11e14838be0df6a3fa6f252d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49647
x-xss-protection: 0
server: cafe
etag: 8756968045712469353
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 20:41:52 GMT

GET
H2 200 index.js Show response
banks.org/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
4 KB 1172ms
196ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:35:52 GMT
server: Apache
etag: "2945-5f1fc3db43a11-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 3348
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 index.js Show response
banks.org/wp-content/plugins/contact-form-7/includes/js/ 12 KB
5 KB 1169ms
193ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:35:52 GMT
server: Apache
etag: "316c-5f1fc3db40b31-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 4580
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 smush-lazy-load.min.js Show response
banks.org/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 1192ms
216ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.4
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:34 GMT
server: Apache
etag: "1ef2-5f1fc402b1c3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 3904
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 bootstrap-min.js Show response
banks.org/wp-content/themes/virtue/assets/js/min/ 27 KB
9 KB 967ms
442ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/js/min/bootstrap-min.js?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 02320f9705025c1834687f547dc6c49d27cd68043a18936c9dac6120df5560bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "6be6-5f21bcc3970a9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 8891
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 hoverIntent.min.js Show response
banks.org/wp-includes/js/ 1 KB
967 B 968ms
434ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:34:13 GMT
server: Apache
etag: "5db-5f1fc37c92770-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 721
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 imagesloaded.min.js Show response
banks.org/wp-includes/js/ 5 KB
2 KB 969ms
370ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:44:01 GMT
server: Apache
etag: "15fd-5c8c4607e1b69-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 2010
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 masonry.min.js Show response
banks.org/wp-includes/js/ 24 KB
9 KB 969ms
371ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:44:01 GMT
server: Apache
etag: "5e4a-5c8c4607e2b0a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 8563
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 plugins-min.js Show response
banks.org/wp-content/themes/virtue/assets/js/min/ 69 KB
22 KB 1183ms
209ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/js/min/plugins-min.js?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 881165abc0c62af9a1ace026192615efa2b487fbebdec445dda8eab2365a8de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "115b2-5f21bcc398fea-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 22703
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 magnific.js Show response
banks.org/wp-content/plugins/kadence-blocks/dist/ 20 KB
8 KB 969ms
359ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/plugins/kadence-blocks/dist/magnific.js?ver=2.4.22
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: fc7109dd6428c821842660a87bda6494e52c0f4ecad22105a1aed87e440ee0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Wed, 11 Jan 2023 12:36:02 GMT
server: Apache
etag: "4f29-5f1fc3e461b3e-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 8269
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 virtue-lightbox-init-min.js Show response
banks.org/wp-content/themes/virtue/assets/js/min/ 2 KB
1011 B 970ms
355ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/js/min/virtue-lightbox-init-min.js?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 76f52951e4880eb9712c68c37f40c977ca2a42b6f3f8e58f75c7ab74fa6535f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "930-5f21bcc399f8a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 765
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 main-min.js Show response
banks.org/wp-content/themes/virtue/assets/js/min/ 5 KB
2 KB 971ms
357ms Script
application/javascript 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/js/min/main-min.js?ver=3.4.5
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b9b653ee84e3052f0bc9096b24b78e15f3aae7bbc05561baad3b527bb5e6fcd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:51 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
etag: "1273-5f21bcc398fea-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 1724
expires: Thu, 16 Feb 2023 20:41:51 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 70ms
20ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:33:33 GMT
content-encoding: gzip
age: 499
x-guploader-uploadid: ADPycdvF6tFbiqUESBr-3D9tGmuLSFq6xCdFa7b7Yy8DqMWcAg9ahoAip7erezjgIxLI9EvLa8g-zCz0pj5N8_PJbabmjw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:43:33 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 124ms
35ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=1672623260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:40:07 GMT
x-content-type-options: nosniff
age: 14505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 16:40:07 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 162ms
74ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 15:21:12 GMT
x-content-type-options: nosniff
age: 192040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 15:21:12 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 165ms
88ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 09:00:35 GMT
x-content-type-options: nosniff
age: 214877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:00:35 GMT

GET
H2 200 kt-font-awesome.ttf
banks.org/wp-content/themes/virtue/assets/css/fonts/ 168 KB
168 KB 210ms
209ms Font
application/font-sfnt 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://banks.org/wp-content/themes/virtue/assets/css/fonts/kt-font-awesome.ttf?t9jwae
Requested by: Host: banks.org
URL: https://banks.org/wp-content/themes/virtue/assets/css/virtue.css?ver=3.4.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 257011aeda1d6a0056a630915ca6daff92ec03dc6e45df519a89a10c894f2e14

Request headers

Referer: https://banks.org/wp-content/themes/virtue/assets/css/virtue.css?ver=3.4.5
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Fri, 13 Jan 2023 02:14:47 GMT
server: Apache
accept-ranges: bytes
etag: "2a004-5f21bcc33e2ba"
content-length: 172036
content-type: application/font-sfnt

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 121ms
45ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:33:08 GMT
x-content-type-options: nosniff
age: 90524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 19:33:08 GMT

GET
H2 200 banks.jpg
banks.org/wp-content/uploads/2016/03/ 4 KB
4 KB 481ms
480ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/2016/03/banks.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 29d9662278ef63e7d75f26fc4f1d96b4aea1290ee2d001569dd90dab3b5a189f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Thu, 24 Mar 2016 07:00:00 GMT
server: Apache
etag: "e3d-52ec5feb0fc00"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 3645
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 1456266521056-2016-and-2017-Bank-Holiday-Schedule-846x400.jpg
banks.org/wp-content/uploads/2016/02/ 36 KB
36 KB 480ms
480ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/2016/02/1456266521056-2016-and-2017-Bank-Holiday-Schedule-846x400.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: ba78318acc6f2e7b17bf23a757d77f5406b9fea6989d0ea1b975f10692e9a567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Fri, 02 Apr 2021 17:34:58 GMT
server: Apache
etag: "902e-5bf00c458565b"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 36910
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 1708-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 45 KB
45 KB 469ms
468ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/1708-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9824f812a64d358318dcf7f4f8e3feed3c33ba63b8bd505a6bc544113c5c1f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Tue, 16 Jul 2019 07:10:45 GMT
server: Apache
etag: "b325-58dc713474740"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 45861
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 439-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 39 KB
40 KB 470ms
470ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/439-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 6c0087475dae0eb2ce22cc9ec70afdc94601e9b962dce992d6f13ff590e6f2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Thu, 19 Dec 2019 19:58:25 GMT
server: Apache
etag: "9da5-59a13fbe99a40"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 40357
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 658-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 35 KB
35 KB 469ms
469ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/658-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 5683e73002d98fa562f7b152f2d97141eeb1ebaaddfb6a56c1e34bd5e765f1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Fri, 26 Jul 2019 00:33:13 GMT
server: Apache
etag: "8cf8-58e8ab0006440"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 36088
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 1813-featured-336x159.png
banks.org/wp-content/uploads/wordpress-popular-posts/ 54 KB
54 KB 307ms
307ms Image
image/png 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/1813-featured-336x159.png
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 6712b0994a3988b3097601c4cc76815e22ad4a1ac4bb43e740cb465fab87c59d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Sat, 31 Aug 2019 16:22:21 GMT
server: Apache
etag: "d71e-5916c24a76940"
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 55070
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 165ms
95ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9300874048195348&plah=banks.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9300874048195348

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61eedaa09ffcb40d7f0418f6ce57e64ddb706e506af263d980a3719cfd9787cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119973
x-xss-protection: 0
server: cafe
etag: 2804597026386771325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 20:41:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/ Frame 1C24 10 KB
5 KB 73ms
23ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9300874048195348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:24:45 GMT
etag: 10353107486223812946
expires: Thu, 02 Feb 2023 20:24:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 you-cant-deposit-excuses-846x400.jpg
banks.org/wp-content/uploads/2023/01/ 37 KB
37 KB 217ms
216ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/2023/01/you-cant-deposit-excuses-846x400.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f6e52879c56fb9b5d2d57dc7fdab0658474b04b871001a614b6aa6ec613e56a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Tue, 03 Jan 2023 00:03:45 GMT
server: Apache
etag: "946e-5f150cd2f9c7e"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 37998
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
692 B 78ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=banks.org&callback=_gfp_s_&client=ca-pub-9300874048195348&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9300874048195348&plah=banks.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57f5fd80ce88993d7729a9b3534607c34413788c9ebbdd0a1ecb90eab26e9832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 332ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 332ms
32ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A7D7 5 KB
1 KB 193ms
192ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&adk=1812271804&adf=3025194257&lmt=1673452314&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fbanks.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912418&bpp=9&bdt=1465&idt=318&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3179884074230&frm=20&pv=2&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=344

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0972ea5ef30fec818c79787f12e9bf2060592cd219cfe09acce2a05355a1e712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 829
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:41:52 GMT
expires: Thu, 19 Jan 2023 20:41:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A441 88 KB
31 KB 1219ms
1219ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=4144480424&adf=1612389005&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=1200x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912427&bpp=2&bdt=1473&idt=345&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Rp3dLKmVqB&p=https%3A//banks.org&dtd=349

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0320ee490488634cb46e11cee8d350d86fc11600286ed504888fc0af6141f0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:41:53 GMT
expires: Thu, 19 Jan 2023 20:41:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 457-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 44 KB
45 KB 204ms
204ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/457-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: cb914ca1231703352d1bf40c3eead5fcda2dabc3535bae3436a2b67bc3681f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:52 GMT
last-modified: Thu, 19 Dec 2019 20:32:11 GMT
server: Apache
etag: "b10a-59a1474abe8c0"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 45322
expires: Thu, 16 Feb 2023 20:41:52 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 80 KB
27 KB 104ms
103ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9300874048195348

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21fab37b6f1eac91c6d52739d68d01b4122234459ef60115c6f1ee227357eb27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28117
x-xss-protection: 0
server: cafe
etag: 10546339485738898417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 20:41:53 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BA6 16 KB
9 KB 421ms
420ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26e57c1b495a5b20e8daf8b313ce5388286d3938ea5b18eeebd2b104b43e57af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8735
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:41:53 GMT
expires: Thu, 19 Jan 2023 20:41:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 620-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 41 KB
41 KB 199ms
199ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/620-featured-336x159.jpg
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: fe882c8b5335f62577f971c21e9966c3531455194e0a5773c43ba792e6d6d2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
last-modified: Thu, 19 Dec 2019 19:54:39 GMT
server: Apache
etag: "a287-59a13ee711dc0"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 41607
expires: Thu, 16 Feb 2023 20:41:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 33ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 33ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A005 20 KB
8 KB 929ms
927ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df8684a57441a6cdb0a2e2fa54792015c43180a8cdeb59b6af5eed5fa36982aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:41:54 GMT
expires: Thu, 19 Jan 2023 20:41:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B199 624 B
242 B 61ms
60ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnfyZyAEwAQ&v=APEucNVuKWVMRUUKGIp-IIlNtm269kM7xiPE_-4KzPsHlpTh1q9gTu_mX8ecABmz8ADjvcuw3GucpSmp-EHkdu1sKAoJhUd_OeRhHQyZze5npkQP-TIDHKxo528CI4WrMK-r7iidLNMnyjO26BDPEgVWJI3DCiuBERrW5FzE8FWRI2m58qEpVRk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:41:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E7D8 76 KB
27 KB 87ms
85ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 20:41:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame E7D8 3 KB
1 KB 129ms
38ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:48:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame E7D8 18 KB
8 KB 125ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:12:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E7D8 0
0 147ms
55ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBTC2NMUvvVwtNNFivFyPWXUACZQ1zzWwoZnsNC-5seA90cGlBvV-SlH07F2yEw3ZFTic1fwildL0MLv98aCWx_0pgYA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7D8 155 KB
48 KB 96ms
94ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:41:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 42 B
63 B 148ms
147ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQhYiRqloiC1HG0L0UKdW8lyY8fraCwjesn980nBb8b1Fv1Z_rqnEBRmI0R7QHEjvDqXOF4Wn3Hr07kx7HhEZG6bev6AIFcEGK6vQ2DxmtmsDPR6U

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 0
20 B 148ms
147ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3819253069018097456&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 0
20 B 148ms
148ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=3819253069018097456&x=1&ct=76&dl=0&ds=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B199
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1&C=1

43 B
632 B

34ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnfyZyAEwAQ&v=APEucNVuKWVMRUUKGIp-IIlNtm269kM7xiPE_-4KzPsHlpTh1q9gTu_mX8ecABmz8ADjvcuw3GucpSmp-EHkdu1sKAoJhUd_OeRhHQyZze5npkQP-TIDHKxo528CI4WrMK-r7iidLNMnyjO26BDPEgVWJI3DCiuBERrW5FzE8FWRI2m58qEpVRk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:41:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:41:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B199
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8mrEf7EB-.Db7oPEgSXZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1&google_hm=2

43 B
632 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnfyZyAEwAQ&v=APEucNVuKWVMRUUKGIp-IIlNtm269kM7xiPE_-4KzPsHlpTh1q9gTu_mX8ecABmz8ADjvcuw3GucpSmp-EHkdu1sKAoJhUd_OeRhHQyZze5npkQP-TIDHKxo528CI4WrMK-r7iidLNMnyjO26BDPEgVWJI3DCiuBERrW5FzE8FWRI2m58qEpVRk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:41:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAY7i9iPHFLVpzNWBluPWEk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B199
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFaHxn5If8C9FDxijMJpDP8&google_cver=1

43 B
1 KB

27ms
21ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFaHxn5If8C9FDxijMJpDP8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnfyZyAEwAQ&v=APEucNVuKWVMRUUKGIp-IIlNtm269kM7xiPE_-4KzPsHlpTh1q9gTu_mX8ecABmz8ADjvcuw3GucpSmp-EHkdu1sKAoJhUd_OeRhHQyZze5npkQP-TIDHKxo528CI4WrMK-r7iidLNMnyjO26BDPEgVWJI3DCiuBERrW5FzE8FWRI2m58qEpVRk

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:41:53 GMT
AN-X-Request-Uuid: 15a2fa27-4f87-43d0-9d83-d38ed742a1b8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFaHxn5If8C9FDxijMJpDP8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B199
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D

170 B
243 B

31ms
30ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Jan 2023 20:41:53 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b630364a-183c-4ca9-b9e9-7e060b192b36
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 0
20 B 148ms
147ms Ping
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9438922073907&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 0
20 B 148ms
147ms Ping
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9438922073907&version=m202209210101&ct=76&x=1&cor=3819253069018097700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E7D8 100 KB
38 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DM99c7XpUqnQ5Av3v9tJZ5Pgh6ubfkly0rvdbpyT6jSlGQp4Ig-2lQFDcuDbE4c1ch3INxGIP1xkvY3Rcr1tBZB8M_IRzEGqTMOavA2u7jxpMgGLb0kfRbCXSyAUHrwhj8lktg3SeSCsvLos34Jpki9jnF05BsIHMlMhkhzen9C2NWxxo&dbm_d=AKAmf-CE_Q6N3xL2valjrdiyixDQ-_CAik_LOKbI5O3KCv8CLre_N0zoN2EpgWb0ZJM8FbDrCAbzm0YJigISxWcALlfLhuy47txNkehN_S7ryVIiDunkfkgxGmW8Ice3p8Z4toM2NK5CJ43klwnu8qwWyvDngPu1oeQaUIrVZiwkNnIPkfapH4gIlfKtgY_BpsZuU2VWsMp12ob-dosZYI8n6ORiGm9Y2Zp3nxXEFv5dltj8JJDraM75-xOiUqF-kgrY6uXWj12r-mmRP3X_Vr_r1p6UGj1S23CPzxoD4nOXMyswV2O8kXSw7VC40Oemdajaj9U7yx4hLE3Tx3a_Jo7Rc0yhn0DsaIeCfNPA--xyYPFcP2A1mM-TfehApI0ExqzFbQ_M8Eu3kSvYLSaXWDVb3TI3q9Y4rR7QOI3o_qfTBsToiVkqF8RzSHs1o5SUzLiXlFhCVHumIa_iDo2-nttY07DADNuRpLuqpfVBrGpSBMP0e_wRBm0gjRoOv24aGfqbIy4xbPuTbIQr8-4ENsvGReAFCuFKHy7jjzphWGGvf0iKiQqA3IdkFB4g4jVRIvb2ZS2P2-zyber4DQ4L5H1bngEiXpb34bS0NYdAVqoZ1iWxpaP1vykGClgpLiKiTtxOODLxZTVZgm5IV1f-x6xdnXjm7Yh2m6E2W4P4nEuapazF1Za_C5BMV1JJcG1aJ2IGpTzZUhjNGXJdrWvkD6uwwilYZTwpDjPlsPeWUR3uJhTGkdDaoBUFE3hUDflXiexdY_4aT_cx8i95wmTNHTUKZPe7G90t_-kIX3_dNplr4h8zV3lwcbVNo_ohhcSZDlZOt6vgQIURng1d-Egp79tbTgNna95-igBZLeOd1KrrdM_IqUrN4N_eCtQwhKcTmvcpYIEwoYiIVkZD1RlMzMkmaTZkLJAQjmndLZZugpwkEVU4ZGOEiBhqt76QkTAhDK8SeZiz6S2Fmm42N6TC9aCczYuPGkToudSbz12OV8hza_-b6ZJWlbAW7E1FcvM9BaHK0vbqs-sJopOpd5vj_vn-AomiMDdF9VxUUCwdbgsE9EnTuOely3XpCJv0aAri7RGJijO033mtjYF5Bel_aKfamW-zChJRpM3pYdNr57ZZcY1j7GYVnai9eE_9z7O5F-uH8c9E98WtuOLVlNd3bMBzUQZvUaiR5yT_7R3V80hFRSZKvGg2AgTfSA7dkssg1P_HueH1EExmHVgkET55mRqZjs_yi76UfbIpoTLsXFObix8WtagCnuVpZisCA2uGMVpsFVlFE1EaebOzhW54PdiU-XLoZq9GdDB9HwOHYQVzn285MLCdTyPWBq0Ap7qsRQL5dvgxg_7Ih9AXLNSED9iYs-7K_i8KLTbJntaXy2yKp760Gc3sfa3jM27o6ac1phDs04HNalDogXlczN8vr95BtiR4-8cugbrf8TaclOpkpzzlhipB--hgyQo86WhOcq3nid09FuPDPt_jrBVGZxrH1xL-eziTJ3tLMfNaxYkjoqhZ6a-O_CDEpz525KuKSnf--ybwkmzYZSd4D4quBB-btre1p_hze1TdqA0Ty3UzIRPS85j70-M3YaPYAItbbRRxfnVdHyLn9MSjIOr4tMHblRMxIMKGV5DjhGRx7YEgVHWrlHjAk0XFRfFPDCCHc1ZPXkvksuHdGnlMfdJrDDMCPi1Qd_TVO8Skg1E3zcvNByWZOcN7PiIMUrqWDzB8cf4xSWGEx1uNuVbdER25eN690Qo4TZY7OGixoOFCKLOTSIsdwgXDbGXfyYeWyI25hZR81NgqafN07syNSpD76RXd18JqHvf7uIdiw1Tuzy7RPzrYIkHEGa5Y0HXon3gYDH_dyWlw9OzOCqbgAb9vD914R2NA-UF_6tc5bWtccJsx44OJGGazN3OMg48J3LdoI8CgiopNm3D7aFEa0FNs09yZI9SMrb7Lp712v35pBEETVkAOJK0XsZje-7sVVNzkSfkvmnwsPGu-_6-chSVxTgTF4HeDO-AHFnVfGcHr6p-1sB91UyUEV48OXa8LYH2bxm98ZG4O6WRrBmRhV1LPozC6hS-Izrw8g4Wo8aQbvPWVYmrrPgI_kagqLAbAdAyIOOU-_PeN-_gRfpWppNFoBhVYNaV2hgBIh7AcSUqU4Xt6pXSg86NcgbDOKPR7Z4HETGoThZ2WcQ-8BqH7eO4Q-40qghutM88BXDWrKSFPsIhb7VpPp0TceOLNAiLBWraZaYn6qRHEA1IAx_PRVbSA51jExj6Ggwg3MU7E1hv66gygRySIgtFMNsZrWIVWNGf0-J2rMV9Q0IfVSDBv22IT4dRefmJfSu7V9OpxHVrEQ5XcZLT0O96JroyqLNkvPxvSAQhGJBDCwVl-59inP2zoPif1CtxTN8Wuyyy2GFE_-G3UF2Q2QlFkVTOZgEWTyb3gvUYCUG_jcb1aBYXWlvNOXHBI87JUVhrvhVgd_SYCPR4VAx8AqkX-_Dp6AUGOpwYBBXRreAlQf2ZR5vox5zC5imXu7c6aK57AmICtqIvkHWXQUsrY17XQ1B-794I0VW0e0SVcdUWCFjqkDu8cgbzJvr0IHUuszrE9_5-8qbr71Nna3e9FjRJu894tlxJkJoZPAJ3zQ886hiTcOeC53MiS5Ji98zsKdAkJ3kzENJuMjC3Yhe5UoquAfb1aloxxnecr-Nq1OigiogGRDPoyPsdp27JlX9gGUhs3zgIBupPjCUBtBiQWOEEYJx6cP7VlEsCBODmRuzAXYFDk7LamWP3TP_LHpUTmfHxUEKepH-N-FaJ6qHqMN9kf4Zif-YH2xOR_jIFVNulRWZ2fAPGIoy05CbWEQjyZlD16cPbLFH7zkWaxDbgaNxSOMoOBS4GcHzpNBD1K0JYnhV8aHdxS2--PvAtmus0Y4ZaHCaxsN8prfQC2iyZYhSpII9hSlvJQirAzB31FUaGxWX5q7QRDXiSOzgPSSnufFBE-IFTM_I5bfRV6rjcT1COdxCn204IXzH9OPdCpFEX-Ys-dYF2U160brPMhkb2as40kA6gii1PnxUuhOmTNC4EilP_KQxMdsdDBNk8mNLfolwBDYtntoBqG_RsoE2ggc6G1FOE3TNO6K-h1E40hLW4g8TQg2HtjKNnOeiA7F7DV16bQp2KsovS_thPI6UQDktUcpwaHrzqeP7Fbjn3zy1Rew87wmZWko2RESxYKVLDOU692K26lmzyCSU0l5cm1uVgGHAXw6tDT-78hWk0zvWspjMp63jcrBOtkL-iw5uza5VkKHXeSsbeprSJ4phnklxMeCw&cid=CAQSOwDq26N9sTM0KGMtdXB-wnjaNYwvLncP5ZLQV_pLl7-_0xYD0AhEaxxATyirX7RtdqNifmQbYmoXubjEGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbanks.org%2F&ds=l&xdt=1&iif=1&cor=3819253069018097700&adk=497053795&idt=109&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a560701c39fb8d3594444acc70a9b591f0d77b740573df4cd4bdb9de2f5ac8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38530
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/886862/62196421/ Frame E7D8 242 KB
73 KB 146ms
45ms Script
application/javascript 52.210.92.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/886862/62196421/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.92.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-92-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5f1d89bc5364cdab08ab581ba923a894515829024ea669d3c2a43d79ea4fac96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E7D8 170 KB
59 KB 89ms
21ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 14:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 14:01:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame E7D8 8 KB
3 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DM99c7XpUqnQ5Av3v9tJZ5Pgh6ubfkly0rvdbpyT6jSlGQp4Ig-2lQFDcuDbE4c1ch3INxGIP1xkvY3Rcr1tBZB8M_IRzEGqTMOavA2u7jxpMgGLb0kfRbCXSyAUHrwhj8lktg3SeSCsvLos34Jpki9jnF05BsIHMlMhkhzen9C2NWxxo&dbm_d=AKAmf-CE_Q6N3xL2valjrdiyixDQ-_CAik_LOKbI5O3KCv8CLre_N0zoN2EpgWb0ZJM8FbDrCAbzm0YJigISxWcALlfLhuy47txNkehN_S7ryVIiDunkfkgxGmW8Ice3p8Z4toM2NK5CJ43klwnu8qwWyvDngPu1oeQaUIrVZiwkNnIPkfapH4gIlfKtgY_BpsZuU2VWsMp12ob-dosZYI8n6ORiGm9Y2Zp3nxXEFv5dltj8JJDraM75-xOiUqF-kgrY6uXWj12r-mmRP3X_Vr_r1p6UGj1S23CPzxoD4nOXMyswV2O8kXSw7VC40Oemdajaj9U7yx4hLE3Tx3a_Jo7Rc0yhn0DsaIeCfNPA--xyYPFcP2A1mM-TfehApI0ExqzFbQ_M8Eu3kSvYLSaXWDVb3TI3q9Y4rR7QOI3o_qfTBsToiVkqF8RzSHs1o5SUzLiXlFhCVHumIa_iDo2-nttY07DADNuRpLuqpfVBrGpSBMP0e_wRBm0gjRoOv24aGfqbIy4xbPuTbIQr8-4ENsvGReAFCuFKHy7jjzphWGGvf0iKiQqA3IdkFB4g4jVRIvb2ZS2P2-zyber4DQ4L5H1bngEiXpb34bS0NYdAVqoZ1iWxpaP1vykGClgpLiKiTtxOODLxZTVZgm5IV1f-x6xdnXjm7Yh2m6E2W4P4nEuapazF1Za_C5BMV1JJcG1aJ2IGpTzZUhjNGXJdrWvkD6uwwilYZTwpDjPlsPeWUR3uJhTGkdDaoBUFE3hUDflXiexdY_4aT_cx8i95wmTNHTUKZPe7G90t_-kIX3_dNplr4h8zV3lwcbVNo_ohhcSZDlZOt6vgQIURng1d-Egp79tbTgNna95-igBZLeOd1KrrdM_IqUrN4N_eCtQwhKcTmvcpYIEwoYiIVkZD1RlMzMkmaTZkLJAQjmndLZZugpwkEVU4ZGOEiBhqt76QkTAhDK8SeZiz6S2Fmm42N6TC9aCczYuPGkToudSbz12OV8hza_-b6ZJWlbAW7E1FcvM9BaHK0vbqs-sJopOpd5vj_vn-AomiMDdF9VxUUCwdbgsE9EnTuOely3XpCJv0aAri7RGJijO033mtjYF5Bel_aKfamW-zChJRpM3pYdNr57ZZcY1j7GYVnai9eE_9z7O5F-uH8c9E98WtuOLVlNd3bMBzUQZvUaiR5yT_7R3V80hFRSZKvGg2AgTfSA7dkssg1P_HueH1EExmHVgkET55mRqZjs_yi76UfbIpoTLsXFObix8WtagCnuVpZisCA2uGMVpsFVlFE1EaebOzhW54PdiU-XLoZq9GdDB9HwOHYQVzn285MLCdTyPWBq0Ap7qsRQL5dvgxg_7Ih9AXLNSED9iYs-7K_i8KLTbJntaXy2yKp760Gc3sfa3jM27o6ac1phDs04HNalDogXlczN8vr95BtiR4-8cugbrf8TaclOpkpzzlhipB--hgyQo86WhOcq3nid09FuPDPt_jrBVGZxrH1xL-eziTJ3tLMfNaxYkjoqhZ6a-O_CDEpz525KuKSnf--ybwkmzYZSd4D4quBB-btre1p_hze1TdqA0Ty3UzIRPS85j70-M3YaPYAItbbRRxfnVdHyLn9MSjIOr4tMHblRMxIMKGV5DjhGRx7YEgVHWrlHjAk0XFRfFPDCCHc1ZPXkvksuHdGnlMfdJrDDMCPi1Qd_TVO8Skg1E3zcvNByWZOcN7PiIMUrqWDzB8cf4xSWGEx1uNuVbdER25eN690Qo4TZY7OGixoOFCKLOTSIsdwgXDbGXfyYeWyI25hZR81NgqafN07syNSpD76RXd18JqHvf7uIdiw1Tuzy7RPzrYIkHEGa5Y0HXon3gYDH_dyWlw9OzOCqbgAb9vD914R2NA-UF_6tc5bWtccJsx44OJGGazN3OMg48J3LdoI8CgiopNm3D7aFEa0FNs09yZI9SMrb7Lp712v35pBEETVkAOJK0XsZje-7sVVNzkSfkvmnwsPGu-_6-chSVxTgTF4HeDO-AHFnVfGcHr6p-1sB91UyUEV48OXa8LYH2bxm98ZG4O6WRrBmRhV1LPozC6hS-Izrw8g4Wo8aQbvPWVYmrrPgI_kagqLAbAdAyIOOU-_PeN-_gRfpWppNFoBhVYNaV2hgBIh7AcSUqU4Xt6pXSg86NcgbDOKPR7Z4HETGoThZ2WcQ-8BqH7eO4Q-40qghutM88BXDWrKSFPsIhb7VpPp0TceOLNAiLBWraZaYn6qRHEA1IAx_PRVbSA51jExj6Ggwg3MU7E1hv66gygRySIgtFMNsZrWIVWNGf0-J2rMV9Q0IfVSDBv22IT4dRefmJfSu7V9OpxHVrEQ5XcZLT0O96JroyqLNkvPxvSAQhGJBDCwVl-59inP2zoPif1CtxTN8Wuyyy2GFE_-G3UF2Q2QlFkVTOZgEWTyb3gvUYCUG_jcb1aBYXWlvNOXHBI87JUVhrvhVgd_SYCPR4VAx8AqkX-_Dp6AUGOpwYBBXRreAlQf2ZR5vox5zC5imXu7c6aK57AmICtqIvkHWXQUsrY17XQ1B-794I0VW0e0SVcdUWCFjqkDu8cgbzJvr0IHUuszrE9_5-8qbr71Nna3e9FjRJu894tlxJkJoZPAJ3zQ886hiTcOeC53MiS5Ji98zsKdAkJ3kzENJuMjC3Yhe5UoquAfb1aloxxnecr-Nq1OigiogGRDPoyPsdp27JlX9gGUhs3zgIBupPjCUBtBiQWOEEYJx6cP7VlEsCBODmRuzAXYFDk7LamWP3TP_LHpUTmfHxUEKepH-N-FaJ6qHqMN9kf4Zif-YH2xOR_jIFVNulRWZ2fAPGIoy05CbWEQjyZlD16cPbLFH7zkWaxDbgaNxSOMoOBS4GcHzpNBD1K0JYnhV8aHdxS2--PvAtmus0Y4ZaHCaxsN8prfQC2iyZYhSpII9hSlvJQirAzB31FUaGxWX5q7QRDXiSOzgPSSnufFBE-IFTM_I5bfRV6rjcT1COdxCn204IXzH9OPdCpFEX-Ys-dYF2U160brPMhkb2as40kA6gii1PnxUuhOmTNC4EilP_KQxMdsdDBNk8mNLfolwBDYtntoBqG_RsoE2ggc6G1FOE3TNO6K-h1E40hLW4g8TQg2HtjKNnOeiA7F7DV16bQp2KsovS_thPI6UQDktUcpwaHrzqeP7Fbjn3zy1Rew87wmZWko2RESxYKVLDOU692K26lmzyCSU0l5cm1uVgGHAXw6tDT-78hWk0zvWspjMp63jcrBOtkL-iw5uza5VkKHXeSsbeprSJ4phnklxMeCw&cid=CAQSOwDq26N9sTM0KGMtdXB-wnjaNYwvLncP5ZLQV_pLl7-_0xYD0AhEaxxATyirX7RtdqNifmQbYmoXubjEGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbanks.org%2F&ds=l&xdt=1&iif=1&cor=3819253069018097700&adk=497053795&idt=109&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:06:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:06:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame E7D8 28 KB
11 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:06:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:06:21 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E7D8 41 KB
15 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:33:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3563 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 06:31:40 GMT
etag: 48472445140208031
expires: Fri, 20 Jan 2023 06:31:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E7D8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c40b3f5804156e86a5588aa67c3e0ad23679f84b66b987b40847fce66f0e74af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 756C 22 KB
8 KB 34ms
33ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 14:22:02 GMT
expires: Fri, 19 Jan 2024 14:22:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3563 35 B
463 B 101ms
29ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGovlGHRK8MLOe9cf7cE_tg&google_cver=1&google_push=AavPq0NUnMcfzYACt1TpBif3K-8QAK6so1toCIoIujYP0Xr-xZjdup-HBY_FYZiDT3Ay9AAdtAoLD6KPm7CFtMArEsLVTczRp3ds3UblOHVRlnsZwCVX_ONGSc38NuUSrDmt_5hrL8E4iX2m7Q

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3563
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGRhWbDmbaUPVvkFpZJ0EFA&google_push=AavPq0OJvBJdzgkoJ-mpNMMuAerPtDxJjkcybx47VtE4S8Zqu4R72H1K-i...

170 B
188 B

34ms
33ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGRhWbDmbaUPVvkFpZJ0EFA&google_push=AavPq0OJvBJdzgkoJ-mpNMMuAerPtDxJjkcybx47VtE4S8Zqu4R72H1K-imalMc2oPACi24_BGBF6rsOsRIKemTIZomemHmnPYWeZla92MRIhBLH8pfIino-pAiOzhy-1aI-k5pAjd12r6hFcr8

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220098-HHN
pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674160914.938679,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGRhWbDmbaUPVvkFpZJ0EFA&google_push=AavPq0OJvBJdzgkoJ-mpNMMuAerPtDxJjkcybx47VtE4S8Zqu4R72H1K-imalMc2oPACi24_BGBF6rsOsRIKemTIZomemHmnPYWeZla92MRIhBLH8pfIino-pAiOzhy-1aI-k5pAjd12r6hFcr8
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3563
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENhg-K-BnRd7yvB108Zjl5A&google_cver=1&google_push=AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dCF923Tk...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENhg-K-BnRd7yvB108Zjl5A&google_cver=1&google_push=AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dC...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dCF923TkHGQ4ZG1UaibBZTtbvwWF5oZDm8qZUAMgwwCxW9D-9Q...

170 B
188 B

42ms
41ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dCF923TkHGQ4ZG1UaibBZTtbvwWF5oZDm8qZUAMgwwCxW9D-9Q4I9nsMRJN8Ysc&google_hm=lLC3dhYRQVi_YXF6ChGZBQ==

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dCF923TkHGQ4ZG1UaibBZTtbvwWF5oZDm8qZUAMgwwCxW9D-9Q4I9nsMRJN8Ysc&google_hm=lLC3dhYRQVi_YXF6ChGZBQ==
date: Thu, 19 Jan 2023 20:41:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3563 43 B
350 B 109ms
28ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPbar31OK4Q790TnOuFKQhE&google_cver=1&google_push=AavPq0MtYNa69w_5rm3ayoFhP5d5SVOi5QPjKL98FTNNNUxY2uUjgB7mhTKvoOwWO3kFVfHx-YS3Ig73nAdFJoi2MrxMrWk2UqbtDmoCocEK751PmjvnC8OM5HGiI2A34gFRoHzC4CuE2jYd344
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: aqm5ptv01gbip5shm8qt4fbir12op3j0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3563
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAeBTqf7hScNHxEm5XQ_r4s&google_cver=1&google_push=AavPq0PwIvHbz6Q1a_SSQbX1RFN7VSsDXFqoohsAi_Xj10Ls_XVx9EZOIXejF--cJKYLmJDSoPm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQzSzZLTkMtMVYtMTVVWg==&google_push=AavPq0PwIvHbz6Q1a_SSQbX1RFN7VSsDXFqoohsAi_Xj10Ls_XVx9EZOIXejF--cJKYLmJDSoPmm0xId-vMFSofxY-xINglqq5TXV...

170 B
188 B

32ms
32ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQzSzZLTkMtMVYtMTVVWg==&google_push=AavPq0PwIvHbz6Q1a_SSQbX1RFN7VSsDXFqoohsAi_Xj10Ls_XVx9EZOIXejF--cJKYLmJDSoPmm0xId-vMFSofxY-xINglqq5TXVwzU42iCRuFBhWuAcfo7rJC9EDW8651sKfaHDrKLhbk0cOY

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQzSzZLTkMtMVYtMTVVWg==&google_push=AavPq0PwIvHbz6Q1a_SSQbX1RFN7VSsDXFqoohsAi_Xj10Ls_XVx9EZOIXejF--cJKYLmJDSoPmm0xId-vMFSofxY-xINglqq5TXVwzU42iCRuFBhWuAcfo7rJC9EDW8651sKfaHDrKLhbk0cOY
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3563
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPyGdhyk9sa1Hso-F9bgLnI&google_cver=1&google_push=AavPq0N2DBSMAvs0F4EDIY2qJ84XCoi5R_6DZzKrxBFlTDjRgBTIcZ-2KAShlY1zKtPzR4oPpebaLuFOQi6K...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N2DBSMAvs0F4EDIY2qJ84XCoi5R_6DZzKrxBFlTDjRgBTIcZ-2KAShlY1zKtPzR4oPpebaLuFOQi6K-LWFQC0im4Y07do2jrMOqbk4xpZZJpUVMNiA...

170 B
188 B

35ms
35ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N2DBSMAvs0F4EDIY2qJ84XCoi5R_6DZzKrxBFlTDjRgBTIcZ-2KAShlY1zKtPzR4oPpebaLuFOQi6K-LWFQC0im4Y07do2jrMOqbk4xpZZJpUVMNiAttS7CuNPeSD5uciqKfG0hu17S9E

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0N2DBSMAvs0F4EDIY2qJ84XCoi5R_6DZzKrxBFlTDjRgBTIcZ-2KAShlY1zKtPzR4oPpebaLuFOQi6K-LWFQC0im4Y07do2jrMOqbk4xpZZJpUVMNiAttS7CuNPeSD5uciqKfG0hu17S9E
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3563
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIGYnjjjeIDr0DylWZuyt2c&google_cver=1&google_push=AavPq0NLk3UNe8DflkuPhp03CVh_y_GdoQw3ktz6ARB8qhZQ7flazZz1TNBY0_PIvGdu2DXuok...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIGYnjjjeIDr0DylWZuyt2c&google_cver=1&google_push=AavPq0NLk3UNe8DflkuPhp03CVh_y_GdoQw3ktz6ARB8qhZQ7flazZz1TNBY0_PIvGdu2DXuok...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Sa1E4U2N0RTJ1RU9LZ09zQU9Hc05YcTVRbkhnOEI1SX5B&google_push=AavPq0NLk3UNe8DflkuPhp03CVh_y_GdoQw3ktz6ARB8qhZQ7flazZz1T...

170 B
188 B

32ms
31ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Sa1E4U2N0RTJ1RU9LZ09zQU9Hc05YcTVRbkhnOEI1SX5B&google_push=AavPq0NLk3UNe8DflkuPhp03CVh_y_GdoQw3ktz6ARB8qhZQ7flazZz1TNBY0_PIvGdu2DXuokR7YutBiIHxQGMoLAFfWlFy2bKMxv9gZvfjsrmkFE1a2bVbdcxJzpxMPAPu3EaZkTjWrA9eJEhx

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Sa1E4U2N0RTJ1RU9LZ09zQU9Hc05YcTVRbkhnOEI1SX5B&google_push=AavPq0NLk3UNe8DflkuPhp03CVh_y_GdoQw3ktz6ARB8qhZQ7flazZz1TNBY0_PIvGdu2DXuokR7YutBiIHxQGMoLAFfWlFy2bKMxv9gZvfjsrmkFE1a2bVbdcxJzpxMPAPu3EaZkTjWrA9eJEhx
date: Thu, 19 Jan 2023 20:41:53 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3563 0
12 B 30ms
29ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Is1YXiFVTpjRUjGtTfcQGRcKKfvQyEOvfZNlvM3LkFIuz3CLNuzZDdlbZcxmVrREYP7U06xg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 21 KB
4 KB 71ms
28ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c179a35bbd5bd7f163ee50d2bd50ef441e5a5d321bff57ab78989540bdb068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:41:53 GMT
expires: Fri, 19 Jan 2024 20:41:53 GMT
last-modified: Tue, 10 May 2022 13:01:16 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E7D8 0
0 183ms
79ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEt4bJWR3EVuzXsrEJy-8OIHEvIntVcIXgFUUxZV3vbQT3-93SymifBvH2zOO_EgXX1-vysrNgzdRSE0nQnU6AYVGJGzuHaC34YOp5VPaJw6MAZGPuxPFO_LpnQaUnOSmL_xcWXduTZmNdsU2obDhjpsAhwH8PxbY2aSa9FYDSZIztTxfCEaP39dL7iVsf2YkL5-BmKAZhy10hYeF__y_pT0Tv759_XeYFGm9eIVybznVGrCWPWkEa3K7e09CTXXai0qH69Ou3Ol2FlQacc86FbTKsplczRSEOYvatdOt_ObhBZpML2wlVxZg-H8jHpP1tEkw1jbW3wpDXvc-P9qL3REo9Hxuj8KFYVgXEcY6XHTj316WcN2hYbcCJVitNqvmJh6YQ9PuhFFvTzXnGpxP8gfn53p9vTaNLUamajdJIAiZ09vzh2jROaaed2U52IDIA_vy_6jOyrwGdIXm3FM7Kyo3HNRsnm08BQabIX8hih5Cpx-ZEdPZAty6pJk-KHNMvJTHYB1VvzNUGIujPtqLRqAJRnYAY1Aq4tKdWh6CFzsctfR_2GqSwKphBnYND2n3iXqDQrBqwD2-NlEook6Fho2bcuY9H1KNMA03xeBx2028R1iN3iynVb292g0y5G5ATnkbiza1OwOrcRr-dTj18mL1LpvQjhccTkTvjOFsKgV0wBDiphhogj5lh-C8eWcuW9Vcq55ClmVF5YSEuA1otIzfXiD3BTug_sipm6tsBa9Je6TdgyWgNc9_mOGpXFXz2cG3vrZ03ktUYKMo05VqVzKD-DoCbUNUt_u00eGvrgtcTneNPtcvpCwhwbb0xq1DoabdWk-FT66ZdsnN_PUT3V0rL-RFXwMV51FYbKXKOBI7y1HIB38vMAHhL4nQOZsLSwwgnrjoxn4OTwr8TNg3-QmyPZfcFC-qk-_dcbU5gCO9sXVQihuqz47a5ITibQI1wAgRaSOQKxJqCzOAsLmn5IZDJmfAi28JFcM3ciYFxspeNGHk7CFz78P5RK2jBoywRJYWCOupNSyoTHoqQdxDEkbEUQxE3GfNJxin45Ow3YyGpHRqmz74sCgH7toxpOGf3QtkkjhZzh2KERiXJ3jBusYhB1AwZfqG9R5BX85d4Wtx-v_95u5p--aSp6gkTcYVrNcNNcUrXnLjYeAmTTmcfW2KPqgTbQHwxaZVZhUIMSxn2hjyH2u3Mf7JaGHEx8eYoiTRS5R9EMgSHeqleAhDv&sai=AMfl-YQwnfewwYaUh-RaJydRe-bxzmx7uRJ9RLnryaJIk-NR3dOYp2zR59YN0hXvATpdbBaMzzOJnpoGhJ7cmzBhnQpGiFuYqBNgln5RHf_-KxiXnuTUpkr1Tz6znUk1gixDzo2ZBMnk8YSNiFn5pGsFIVklX0ZQF_eTTvUR9a07mtts1Q6B_FL5BB5dmYZsmdGSsdN0iG3OXclelfCAGBjSq1-xsCmA25yD87HuIn975nkq9LrXgSeV4E3rlXiy6FwFRhFjFLRWFIQ&sig=Cg0ArKJSzEeYqWKmYBNYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=134&cisv=r20230118.98688&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 756C 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 18:28:24 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 6 KB
2 KB 26ms
24ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a2138398903109e146c2aeec93115208dce08b843915bbd5be8a55ae15dfab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1884
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 18:04:40 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 1002 B
256 B 27ms
25ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 18:04:40 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 5 KB
1 KB 27ms
26ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3ef6cabd8cc928fc520e3d6a25b9557006fb6e7216d54f2f4dabd1e88305423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1010
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 18:04:40 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame F896 118 KB
40 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 11:00:28 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F896 57 KB
23 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 20:41:53 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 9 KB
4 KB 40ms
38ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 18:04:40 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 25 KB
10 KB 41ms
39ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 18:04:40 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 17 KB
3 KB 36ms
35ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b84170c704c9b4038e176ff9d9270fa0f80c49c6dae64ca19f5b0dbeda6902c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2700
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 18:04:40 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame E7D8
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/886862/62196421/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_EavJY4...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

44ms
26ms

Script
application/javascript

2600:9000:223f:bc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Server: 2600:9000:223f:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:44:46 GMT
x-amz-version-id: zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 89829
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 18 Jan 2023 19:44:35 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: rkru76WYYxo3GorKkBsYFwbOzNhjYC3Ap1QtH7t_oB3RaMkIIqszcA==

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 56B7 91 KB
23 KB 95ms
23ms Script
application/javascript 2600:9000:223f:bc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10386338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: kgJYpm96c3WM7iYG5-Ai04ZDJ2bNrfS5aw75SGa94pUcnDmPdIk1zA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E7D8 43 B
216 B 601ms
173ms Image
image/gif 2600:1f13:800:7780:b826:cff2:4f34:22ea
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e4b4cd08-c601-a27c-6984-4476bd0d3108&tv=%7Bc:1Mi73P,pingTime:-3,time:46,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttq8A2v+11%7C12%7C13%7C141*.886862-62196421%7C1411%7C1412%7C14131%7C1414%7C15,idMap:141*,rmeas:1,rend:0,renddet:na,siq:18%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:b826:cff2:4f34:22ea Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E7D8 43 B
215 B 598ms
174ms Image
image/gif 2600:1f13:800:7780:b826:cff2:4f34:22ea
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e4b4cd08-c601-a27c-6984-4476bd0d3108&tv=%7Bc:1Mi73R,pingTime:-6,time:48,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttq8A2v+11%7C12%7C13%7C141*.886862-62196421%7C1411%7C1412%7C14131%7C1414%7C15,idMap:141*,rmeas:1,rend:0,renddet:na,siq:18%7D&tpiLookup=ao:banks.org*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:b826:cff2:4f34:22ea Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame A441 6 KB
768 B 34ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=4144480424&adf=1612389005&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=1200x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912427&bpp=2&bdt=1473&idt=345&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Rp3dLKmVqB&p=https%3A//banks.org&dtd=349

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 20:02:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A441 2 KB
765 B 35ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:12:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame A441 22 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:48:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A441 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:48:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A441 18 KB
7 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:12:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A441 155 KB
47 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H2 200 4486906364f6b2babc33c791099553dd.js Show response
www.gstatic.com/mysidia/ Frame A441 33 KB
14 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4486906364f6b2babc33c791099553dd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 04:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 04:15:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 04:31:36 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E7D8 43 B
215 B 585ms
174ms Image
image/gif 2600:1f13:800:7780:b826:cff2:4f34:22ea
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e4b4cd08-c601-a27c-6984-4476bd0d3108&tv=%7Bc:1Mi747,pingTime:-2,time:64,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:472,beZ:473,mfA:475,cmA:476,inA:477,inZ:480,prA:480,prZ:485,si:490,poA:491,poZ:514,cmZ:514,mfZ:514,loA:521,loZ:523,ltA:536,ltZ:536%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttq8A2v+11%7C12%7C13%7C141*.886862-62196421%7C1411%7C1412%7C14131%7C1414%7C15,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:18,sinceFw:45,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:b826:cff2:4f34:22ea Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A441 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLvg9EKvJY-H6MNLkxgL8po2AAbG8hL5uopLmr6oQmObbxbccEAEggp-3VmCV-vCBjAegAaKj-54oyAEJqAMByAPLBKoEvAFP0OTAu6xgOWyR93udyToHr7AmH1daNFm_ekL5IVHCBPBpqEXql-C7lCaK-Z3CjedWgXxXALCZ-8AowOmbmKl5o5ZanVsHKHHLi8E6V2dDbtlYWW7tioRHDBLRbAhxn8g0B-xr9ws3G08-H-fqU0ZXZrHHols1XRqpUNV1WYZFwUaJ_xkiboHs03fBZnlvO2gZXr2-cxQ2wF5JYp_pqrSZ0TDmZegAwi58c4WCU6AvisrN0Kj8ImG-4q1iNcAEgoH-_ZkEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6Lby_4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnfoK0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBmBYBgBcBshccChoIABIUcHViLTkzMDA4NzQwNDgxOTUzNDgYAA&sigh=FK4QQAyznLs&uach_m=[UACH]&cid=CAQSGwDq26N9oj086IRgQX1pWJ-nruZbtis07pBAPhgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=4144480424&adf=1612389005&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=1200x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912427&bpp=2&bdt=1473&idt=345&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Rp3dLKmVqB&p=https%3A//banks.org&dtd=349
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16023164246784960368/ Frame A441 11 KB
11 KB 35ms
35ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16023164246784960368/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f92c961367429e1d8877512a400d7b6ba208a79cd4eedb6c3a2a441954d67c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 08:49:31 GMT
x-content-type-options: nosniff
age: 215543
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11410
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 15:36:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 08:49:31 GMT

GET
H3 200 11101257911272200495
tpc.googlesyndication.com/simgad/ Frame A441 4 KB
4 KB 44ms
43ms Image
image/png 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11101257911272200495?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b673fef19cc22d33bc7d7c31a05725a1154b6a3a357c4d9549264a1430382c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 01:51:20 GMT
x-content-type-options: nosniff
age: 240634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3725
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 14:05:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 01:51:20 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E7D8 0
0 72ms
70ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEt4bJWR3EVuzXsrEJy-8OIHEvIntVcIXgFUUxZV3vbQT3-93SymifBvH2zOO_EgXX1-vysrNgzdRSE0nQnU6AYVGJGzuHaC34YOp5VPaJw6MAZGPuxPFO_LpnQaUnOSmL_xcWXduTZmNdsU2obDhjpsAhwH8PxbY2aSa9FYDSZIztTxfCEaP39dL7iVsf2YkL5-BmKAZhy10hYeF__y_pT0Tv759_XeYFGm9eIVybznVGrCWPWkEa3K7e09CTXXai0qH69Ou3Ol2FlQacc86FbTKsplczRSEOYvatdOt_ObhBZpML2wlVxZg-H8jHpP1tEkw1jbW3wpDXvc-P9qL3REo9Hxuj8KFYVgXEcY6XHTj316WcN2hYbcCJVitNqvmJh6YQ9PuhFFvTzXnGpxP8gfn53p9vTaNLUamajdJIAiZ09vzh2jROaaed2U52IDIA_vy_6jOyrwGdIXm3FM7Kyo3HNRsnm08BQabIX8hih5Cpx-ZEdPZAty6pJk-KHNMvJTHYB1VvzNUGIujPtqLRqAJRnYAY1Aq4tKdWh6CFzsctfR_2GqSwKphBnYND2n3iXqDQrBqwD2-NlEook6Fho2bcuY9H1KNMA03xeBx2028R1iN3iynVb292g0y5G5ATnkbiza1OwOrcRr-dTj18mL1LpvQjhccTkTvjOFsKgV0wBDiphhogj5lh-C8eWcuW9Vcq55ClmVF5YSEuA1otIzfXiD3BTug_sipm6tsBa9Je6TdgyWgNc9_mOGpXFXz2cG3vrZ03ktUYKMo05VqVzKD-DoCbUNUt_u00eGvrgtcTneNPtcvpCwhwbb0xq1DoabdWk-FT66ZdsnN_PUT3V0rL-RFXwMV51FYbKXKOBI7y1HIB38vMAHhL4nQOZsLSwwgnrjoxn4OTwr8TNg3-QmyPZfcFC-qk-_dcbU5gCO9sXVQihuqz47a5ITibQI1wAgRaSOQKxJqCzOAsLmn5IZDJmfAi28JFcM3ciYFxspeNGHk7CFz78P5RK2jBoywRJYWCOupNSyoTHoqQdxDEkbEUQxE3GfNJxin45Ow3YyGpHRqmz74sCgH7toxpOGf3QtkkjhZzh2KERiXJ3jBusYhB1AwZfqG9R5BX85d4Wtx-v_95u5p--aSp6gkTcYVrNcNNcUrXnLjYeAmTTmcfW2KPqgTbQHwxaZVZhUIMSxn2hjyH2u3Mf7JaGHEx8eYoiTRS5R9EMgSHeqleAhDv&sai=AMfl-YQwnfewwYaUh-RaJydRe-bxzmx7uRJ9RLnryaJIk-NR3dOYp2zR59YN0hXvATpdbBaMzzOJnpoGhJ7cmzBhnQpGiFuYqBNgln5RHf_-KxiXnuTUpkr1Tz6znUk1gixDzo2ZBMnk8YSNiFn5pGsFIVklX0ZQF_eTTvUR9a07mtts1Q6B_FL5BB5dmYZsmdGSsdN0iG3OXclelfCAGBjSq1-xsCmA25yD87HuIn975nkq9LrXgSeV4E3rlXiy6FwFRhFjFLRWFIQ&sig=Cg0ArKJSzEeYqWKmYBNYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=358&vt=11&dtpt=217&dett=3&cstd=134&cisv=r20230118.98688&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F896 7 KB
6 KB 83ms
83ms XHR
application/json 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbfeb5b94f750bf430b299f794338d8af8749cea06463a5a5bbc9c95702d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A441 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d59a0776921077ed9ef682b903c160005790ad0c4d8d4e4b50bdb458f19409d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A441 15 KB
15 KB 38ms
37ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 01:58:46 GMT
x-content-type-options: nosniff
age: 67388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 01:58:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A441 15 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:33:08 GMT
x-content-type-options: nosniff
age: 90526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 19:33:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A441 15 KB
15 KB 38ms
38ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:40:07 GMT
x-content-type-options: nosniff
age: 14507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 16:40:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 756C 0
20 B 159ms
154ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXXWaEavJY42jKJq79u8PzJKf2AMAAAAAOAHgBAI&bg=!2Nul25_NAAYDMoyoIzI7ACkAdvg8WunXRI-Pm-d6XLvj-y_IFLDC2jAXypyGwY3txgRRopKNna3PWgIAAADfUgAAAANoAQeZAt-QB4bE6_6T5qWCPP-a3nZhszpSxDXZGmH3_dRTu8TOSRnxK7n0bxqLJuBcZbHdMfRtwKkpTd15JDrYXE0-sXQKy55cUaO3QWjVTK_pBdMbGSq4V0kENCjIYOMmafrQLiOH1lCotZiHTIgm4AE8-To2te4VqJnHd7KopBnYzIyy0dISpnZtoMmd41zhsQqwVMNSCMLQCxr9ALuIpL6xaKbQiC0oqiSdcaVuQ5aJYPqnf-7xxrfbrUT9UhSrGTNdonKhspN8lkoj9k1yyBm_cvXSsFEbytSA0wixVNQYg_shSJjDUF84EOm-BCbuPU1mX0wwAVoCK6Ycwt4wulH4yXw8yLzchv96VHV-TcrvPEbQeKd-1AORUKG33ZsG3nkd6ykgIbrIZAjv22voxTvjHTWLeavExdoEVKAAirXI6nYWyQvmBku8Ebvih1tVpf9PCCExjcl-e8jTMRFTspSFakJizAP-qp7OcrcGByklKnrWJkvAYWAd3ZekBXzMm7W7Pfa656MHAO3ufngCYsJhwzaB8RDZgVzl3l5gg4761H4Ji03Z0H3Yj9Cok_X25hh4tBZ0UuElH_ZRqCP-1sEzxZaHzyDdL_JUDNj8_Aq-LI3eWd4zRRonW5TKUg2-cF86kEQhhw2oxRrFGDPnc039tlkvUcbYpEZwl-ywEpF_ogyyERitX7n70A8MnvXnaOM3u8sVfP3s1fdxwh_Fx8bR_ylHGqR4FCTkoRUaLzHXI1gD51hyv4PVBUuxZS9XLeY9SYMUO78plIC8DhfRQVyfB5H9Y7cliYiy0kqrCQQzG6mWJpsOPiZ-IbRGJq8dpgIDBX6jlRINGA6mntkK5_sTvs48UGwQ_kyOijDc0LiMJep0yInXIyMSYziowVh4tPWjcxHUp9qdnHXf4mUzgMtW5RwKUi3xeuL2loIIlBng_Athm5urCDJHwT7EO8dwI0GFJwxC0aDAfo1EMBPYvQ_FETU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F896 17 KB
6 KB 72ms
71ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 9786 36 KB
16 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 18:28:24 GMT

GET
H3 200 skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d348f92367584d228ce6/original/ Frame F896 4 KB
4 KB 22ms
21ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d348f92367584d228ce6/original/skyblue.png_1650378740125_skyblue.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79373afeea5950ed316c219ae0d008e483e172849d49b12cc2be115c3607278a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 18:35:45 GMT
x-content-type-options: nosniff
age: 353169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3942
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 18:35:45 GMT

GET
H3 200 Trip_Antalya_1337_313_1.41.jpeg_1650378740125_Trip_Antalya_1337_313_1.41.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6244743bf3ec64f6a2f1bb47/original/ Frame F896 22 KB
22 KB 26ms
24ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6244743bf3ec64f6a2f1bb47/original/Trip_Antalya_1337_313_1.41.jpeg_1650378740125_Trip_Antalya_1337_313_1.41.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b01b596141a53577b2668f103832ae0ce17b4019f118ac6811376473eab015c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 10:37:26 GMT
x-content-type-options: nosniff
age: 381868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22679
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 10:37:26 GMT

GET
H3 200 vector.png_1650378740125_vector.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d1dff923674902224617/original/ Frame F896 5 KB
5 KB 34ms
33ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d1dff923674902224617/original/vector.png_1650378740125_vector.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf51c0cecef50e2e8daf3e92f7b9880baf9c927a183e7fe3bffda9b402a8ddb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 18:35:45 GMT
x-content-type-options: nosniff
age: 353169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4685
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 18:35:45 GMT

GET
H3 200 gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d32bf923673bb72288eb/original/ Frame F896 26 KB
26 KB 33ms
31ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d32bf923673bb72288eb/original/gradient.png_1650378740125_gradient.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3660a7c0ed2b6f7d09fe26333a10e8bbddc5bb60a14ed86c38d7898c505e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:42 GMT
x-content-type-options: nosniff
age: 182232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26373
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 18:04:42 GMT

GET
H3 200 blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame F896 91 B
116 B 34ms
32ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 13:59:02 GMT
x-content-type-options: nosniff
age: 110572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 13:59:02 GMT

GET
H3 200 icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616db9e34408f8b777d5653f/content/ Frame F896 7 KB
7 KB 27ms
26ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616db9e34408f8b777d5653f/content/icon1.png_1650378740125_icon1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:42 GMT
x-content-type-options: nosniff
age: 182232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 18:04:42 GMT

GET
H3 200 icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616db9e34408f8b777d5653f/content/ Frame F896 6 KB
6 KB 31ms
30ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:42 GMT
x-content-type-options: nosniff
age: 182232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 18:04:42 GMT

GET
H3 200 icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616db9e34408f8b777d5653f/content/ Frame F896 6 KB
6 KB 28ms
27ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:43 GMT
x-content-type-options: nosniff
age: 182231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 18:04:43 GMT

GET
H3 200 logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616db9e34408f8b777d5653f/content/ Frame F896 3 KB
3 KB 31ms
30ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:04:42 GMT
x-content-type-options: nosniff
age: 182232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 18:04:42 GMT

GET
H3 200 logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616db9e34408f8b777d5653f/content/ Frame F896 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=HSWkmmKmRF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 18:35:45 GMT
x-content-type-options: nosniff
age: 353169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 18:35:45 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E7D8 43 B
215 B 404ms
175ms Image
image/gif 2600:1f13:800:7780:b826:cff2:4f34:22ea
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e4b4cd08-c601-a27c-6984-4476bd0d3108&tv=%7Bc:1Mi772,time:245,type:e,im:%7Bpci:%7Btdr:111%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:245,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B239~0%5D,as:%5B239~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttq8A2v+11%7C12%7C13%7C141*.886862-62196421%7C1411%7C1412%7C14131%7C1414%7C15,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:18,sis:189%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:b826:cff2:4f34:22ea Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7ECB 624 B
242 B 59ms
57ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNX7T2luxdPsrSnRwfw-UFEHmFI6x96iA3c-r9eDwvpOYCSlb1tJJPj4ESTT_kPkLAdbDNbUzbocvLo9mGJxfcCP0ONZVQcTTo0CKtooFgDPNChF2RzR9AZEyWu2kZSrWnd4ZbX_GKrWAYvt9oa-5Lc4AicGbAeJoYZlgHTxeMHkzG5FPRw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:41:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0C35 76 KB
27 KB 90ms
89ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0C35 3 KB
1 KB 36ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 16:48:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0C35 18 KB
7 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:12:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0C35 0
0 60ms
58ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRa6fxnntTlDVxKHzBYwAj7oKxrTlPP3y6SSnfuRd_fVS4irJVj8mTt_PEvfhn2eZbl34lzI2FF0t5v6549FNumOqz3hg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C35 155 KB
47 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C35 42 B
63 B 150ms
149ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CdjZtxrzGJD6-ALtXt_QHUbIo9FW0PAo5BGumP8QQ0ViH-uIonz97W_ENQ_1-ttuaHng9b7Y72R_8k7T0rqbHKVgm0P3Hor7paudv_Ca2nxaXZ0GM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C35 0
20 B 148ms
147ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3475551814008174601&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D24 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 18:28:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7ECB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR-F3iOThiD6wvUaHskLx4&google_cver=1

43 B
632 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR-F3iOThiD6wvUaHskLx4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNX7T2luxdPsrSnRwfw-UFEHmFI6x96iA3c-r9eDwvpOYCSlb1tJJPj4ESTT_kPkLAdbDNbUzbocvLo9mGJxfcCP0ONZVQcTTo0CKtooFgDPNChF2RzR9AZEyWu2kZSrWnd4ZbX_GKrWAYvt9oa-5Lc4AicGbAeJoYZlgHTxeMHkzG5FPRw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:41:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR-F3iOThiD6wvUaHskLx4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7ECB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8mrEf7EB-.Db7oPEgSXZwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR-F3iOThiD6wvUaHskLx4&google_cver=1&google_hm=2

43 B
632 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR-F3iOThiD6wvUaHskLx4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNX7T2luxdPsrSnRwfw-UFEHmFI6x96iA3c-r9eDwvpOYCSlb1tJJPj4ESTT_kPkLAdbDNbUzbocvLo9mGJxfcCP0ONZVQcTTo0CKtooFgDPNChF2RzR9AZEyWu2kZSrWnd4ZbX_GKrWAYvt9oa-5Lc4AicGbAeJoYZlgHTxeMHkzG5FPRw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:41:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELR-F3iOThiD6wvUaHskLx4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7ECB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKswlk69_3tJRqT1xd677do&google_cver=1

43 B
1 KB

21ms
21ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKswlk69_3tJRqT1xd677do&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK7Fm8sBMAE&v=APEucNX7T2luxdPsrSnRwfw-UFEHmFI6x96iA3c-r9eDwvpOYCSlb1tJJPj4ESTT_kPkLAdbDNbUzbocvLo9mGJxfcCP0ONZVQcTTo0CKtooFgDPNChF2RzR9AZEyWu2kZSrWnd4ZbX_GKrWAYvt9oa-5Lc4AicGbAeJoYZlgHTxeMHkzG5FPRw

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 20:41:54 GMT
AN-X-Request-Uuid: 78f6053e-402e-4cbf-aebf-2cc44c17948f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKswlk69_3tJRqT1xd677do&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7ECB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D

170 B
188 B

41ms
40ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Jan 2023 20:41:54 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cec94f47-49d5-4ae7-8f8d-5e9da98ec864
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C35 0
20 B 150ms
150ms Ping
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3372409531656&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C35 0
20 B 149ms
149ms Ping
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3372409531656&version=m202209210101&ct=76&x=1&cor=3475551814008174600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0C35 85 KB
34 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhW5h24uo15sW45EJBEXb3kmMkCH39OzAn9D9eFkjiHkviIkaBMawkPUXmgnDBBCl3Kujqt42xt8782IYkk_vGh54Rvg&cry=1&dbm_d=AKAmf-A30HaQDR8WQHjzA9sbyve68KiixlVFuk_OAjtyp9Q00DRH9-sOyG5KWoVrRj6nxrheYo_XRB3n28GgdOl7xAVW4N3M9fHqHdMwW7E0MPQRlB1PsBPUv9njipLCniJewJYY9fz9GQo2d8pgNRV8Dt9R55twmgHXwgU_Nh_yCYsyMYynA0ZfEFThpg89lmvUWcCvQ81f8gC5MGqoXsizAuQdbRSEVdnfrXyqWtXyFI74AjnyEfo2d6ihpcdxD0_L6SO8jQip5vC-1sknxykb4r6jGKhaUGOD8MtOCu2QIvdIOXMTMVTax0UwQ2XKV4lBe-FObrW0IhRmpC7shQHs1DebX_8CjG-VGC2ORj3_u3XiSdqstukxGVeu4ip4WMoqSYfJlFBUA5lT05l6N1AO5neFPXBCHYkIYJ1elX5LYMH5Q9u9DBR9DBIzS6X_viNsopBUz56creaPDooVkigeXFbfhMXaUmKn-YEYyU1g7QMRHxV2y3UshYQ9ffIJ68plL_vjEdAE4wHGXbYlk519JnDThF6haXyT64RHx49F-0-z2zWUQRPlebEhVNR5jMc4VSnzQwMYM8O1HivR0wqW6Huh-deK-vnSaFM4ehtOmRHomGZIc2BkPWK-GLE4W531V_5c7Sm_Kx7r7_BG8AqZuimNVLyuWHEgiJVN5e4hAhs7rOTuSl6EymmCqcBJsI6sZMpBm7z8_5B5HBYMd3Zd9GtDhACgP_ezpzLRTak6ZUVHentggLNFJ_U-uPwn8dmcxg9o8rCZ8-E4GKG0eB62sqwarIbbs7yHZftFVFHxvpNDY7GGdddzmmxvpOX6PElok64757uDBiDB0sr3ZKsgMb7v9aqai_T0CHBTxFQKg33AuM8STjf6RWrlzjUDLk1t1BaeeSrCrub-s9PEXcmLywaaaRDrsSDbo5qbdp9vxUYlNkizKBYVIEZ4HD0atBys_bjBwpVJigkmbsgLhxrd_xLIPwLXhn8ELXMz9cwpMicwdm3D0g0863tipA0LparLq9fCLwtGht68j0Dj9o1GrrSOPYxqGBQqcVCMN76gnV58nz_o-RAjlh5vRN_ZdaT30Mrh1iqs-DuCwJ8ENlUgMUTqq_bifqn0jABqKJvMcQyx6b7dxts4uNBjN330oWv1wd9OqRqPZ_MyYTpUMjf3KesKyaHot4DDeHN7iV4YMboLDpphGczD1pnAjvIqSCJnDnbrieUow2w7U_WktVENRycYcBd29urOty8lRo4YdcloA13tSdxHT7rFAJAigZnvyIukM259enBlATypzNOQBBDVSADJj-BQfRJeiMNd395L2p_4b3Sh4RrNgzu01XQD7XlNUqxHQcw2g62uc3KD9E-56-cYV3XP_9N9U-wxRHWAGE1NGbh7u7ujZPYM5CTDL-MEH2a5EG51hTWFWZdhb0nwaD8zmqtA5zJulS4EJ1DkuzfwSSFowJeFs-6zJDSf0usCpAASIMEP-4IQktMOwSsYweDeU6kAnHhUdVsL-uogBAXEcE92-OCfSeGQdUH7I1TXLGtLDE-fZmxGJ-Ye9GBZWw-UD7BExUU3GbkKjBGiiIv8Awg6sO9POLmschx33bh4BCdJvv1Y8ouBpoC_Edz0lRKB5RNVcbgpBMAcdUAbt3r9n9iP9I3Uf5V_8S85jlurVolTZ7KkoQMznUPIfm8_a1AomGJduB66wD2nDE52SRkBHxYVlkKmoxJHBMiVIeDdcsXajarJpytGZeBVCEcWZILrqdEaNvi_1w6_mHgkP_NtD5_aLv_9dOZjbTf8UjfZwvUh1d4OYQUrS3lPL0Lbf34F1f2yyJzk9k4AlOdb4RNKpnp5azK0K00Mdya2YFF2ry7x5baeaQls7HjAMUAMGF9rrmyBII5WxXidARNUwwmIkm_Av_WLRsDMJbfZdnXdSBxIJxVd3T0WPtRwj3tLiD6_7dXwb2AYJoFpSYMYTX4XWYb-r-v4lyHk3TBhtz3UEo0kcNudm5A0t8P4DR5aGtkgAbjdqD6m4H5WoUaKL2rZm9CX2Gys6RoiTEVX4gHC48MkQVfc2FC9HSzNzSOfa8ASJ4z3k3VkW0ypNTiwSzm0wuQSqFMeLIpbc_zqd6KiVDR6OAx6Hv0BZJ3tvCrWV8nsJudOTK4mEwo0MJCIF6PV4eNLsVHyVVYPFftFlsvskUWXcfwMx03d-6wL9pWRHpjxW36WWS54OJuB6I6cyYYYZ_ZYEZWYAo0P6bX3lBFldNQfg3b2NW0RLh7MTHRHV3KrWYz3fPiUhFBRt3aGzdZCYpcThX1CnFRKP6XepqR9IT9cWUk5qaxjNalTQM5A2Ye2y4Xy7YznraR36UUFal1i6qsd4Sn1DKTHgFvV6rj_4s7jtHbuleKAelatUsNepQGakS04aEmxziAkXp4lLcymd49AZz2ONzBeSZWov1t5AzeqgFFja1jdh3Uyo-jhouQWpAUyRrl35PrTLmRfR2H5rkGkg64seWpD_8PH92J1HCca_QUQOMGepyrLJKYmBjqVpndqKBtPzmmbf8I4SWyhvHAw9_p0GFxsk2POI_kmyONDknPJ2q8UaPQEiGQVcJCy9DV3EuvsEr6FCzlG_WPX3refhJNnWx_ZUhRr6G16zJgoXENxOx70JJCAZclGn7ayFzoP5pgRXy_ASlqazwAHjQcqilU0ZTEL5iY42C3L-abF7oKJm3tuy9dRHGS2Lhy3ecykM3tolz9uxBT6R9WLCCZZHUZ4wP2PsKWOU2Y5aOARj3F8BYNfZwCSYSIlrT5zLc0S0Jqyx7KIY4-4ULn9lVKteLSz2UCU5MdkbFuUBaDxS_0KYi8s8iezotQSYiOTwD_RIGeNqRhh91sKm6pLXx7aV8XBTkl-WI0mxoOhdXkwOQF_xmnBREvX_8GUbchu3bcLtzmNSzFFyTUd0JDRUYFcyKOIT_zTd-yBChii4r3W4gQ6QJzSseRtEIcJ1XQmK1CpFf7U-bxk-Ha8hFA_hEGOQWxnQEOq0swnSg3xJZSwrAcGfrJUnFS312pyo-vWOj1JvcK3Nz3jtTA3d3AvWO76LdJi-DPDVOnS8KBZcOLKWQK468AqWrQMa0O11-V7bhQNf9lt2aF4ju0W5-CHhaZeyGTgYguzGV-Fjycm28dn6p1T0IZgetCS1WXGOAQEFOqtRhTuVv3Oa2lGe-CjtrMrNUDViAfJ0C2s731ZTo4GX923IVeibhF8YoUoOQkKMXpJm1ae6IZc5B2rRxUVRsntfEVzSLZPihcU6X1hIczc&cid=CAQSOwDq26N9QLQhAHLmUYY9x69hBxYqivBUehV17dTd7KuguyAKd9JdjXsfEsVaqyjWmbSfkObNXqBaOXMIGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbanks.org%2F&ds=l&xdt=1&iif=1&cor=3475551814008174600&adk=1761367587&idt=98&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0b5914e6d575e31568f4375e1635a4c867d861d914a126ee007eea87a52b92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35140
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E7D8 43 B
215 B 317ms
316ms Image
image/gif 2600:1f13:800:7780:b826:cff2:4f34:22ea
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e4b4cd08-c601-a27c-6984-4476bd0d3108&tv=%7Bc:1Mi7b8,pingTime:-10,time:499,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC43NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1674160914461%7C%7C5e34d88c298c8a91071b61722d6f6ff5%7C%7C8e7a3195fc7d943b14e55b6c8e00d314%7C%7C22006550247eef18d72e8f05ba36f0a7%7C%7Cd419e7aacc497e19d88cee350d0682f8%7C%7C8d605e4529949da91536aa73eb9b1848%7C%7C49b5632cdbd890d4181dcce67f41b499%7C%7C0c327e578846ce435fe8ac99ac112aae%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=600&adk=2873357176&adf=4272239003&pi=t.aa~a.2432572741~rp.4&w=263&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=263x600&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912987&bpp=1&bdt=2033&idt=1&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280&nras=3&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0EY4EDvagM&p=https%3A//banks.org&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:b826:cff2:4f34:22ea Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0C35 119 KB
42 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Jan 2023 15:17:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame 0C35 8 KB
3 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhW5h24uo15sW45EJBEXb3kmMkCH39OzAn9D9eFkjiHkviIkaBMawkPUXmgnDBBCl3Kujqt42xt8782IYkk_vGh54Rvg&cry=1&dbm_d=AKAmf-A30HaQDR8WQHjzA9sbyve68KiixlVFuk_OAjtyp9Q00DRH9-sOyG5KWoVrRj6nxrheYo_XRB3n28GgdOl7xAVW4N3M9fHqHdMwW7E0MPQRlB1PsBPUv9njipLCniJewJYY9fz9GQo2d8pgNRV8Dt9R55twmgHXwgU_Nh_yCYsyMYynA0ZfEFThpg89lmvUWcCvQ81f8gC5MGqoXsizAuQdbRSEVdnfrXyqWtXyFI74AjnyEfo2d6ihpcdxD0_L6SO8jQip5vC-1sknxykb4r6jGKhaUGOD8MtOCu2QIvdIOXMTMVTax0UwQ2XKV4lBe-FObrW0IhRmpC7shQHs1DebX_8CjG-VGC2ORj3_u3XiSdqstukxGVeu4ip4WMoqSYfJlFBUA5lT05l6N1AO5neFPXBCHYkIYJ1elX5LYMH5Q9u9DBR9DBIzS6X_viNsopBUz56creaPDooVkigeXFbfhMXaUmKn-YEYyU1g7QMRHxV2y3UshYQ9ffIJ68plL_vjEdAE4wHGXbYlk519JnDThF6haXyT64RHx49F-0-z2zWUQRPlebEhVNR5jMc4VSnzQwMYM8O1HivR0wqW6Huh-deK-vnSaFM4ehtOmRHomGZIc2BkPWK-GLE4W531V_5c7Sm_Kx7r7_BG8AqZuimNVLyuWHEgiJVN5e4hAhs7rOTuSl6EymmCqcBJsI6sZMpBm7z8_5B5HBYMd3Zd9GtDhACgP_ezpzLRTak6ZUVHentggLNFJ_U-uPwn8dmcxg9o8rCZ8-E4GKG0eB62sqwarIbbs7yHZftFVFHxvpNDY7GGdddzmmxvpOX6PElok64757uDBiDB0sr3ZKsgMb7v9aqai_T0CHBTxFQKg33AuM8STjf6RWrlzjUDLk1t1BaeeSrCrub-s9PEXcmLywaaaRDrsSDbo5qbdp9vxUYlNkizKBYVIEZ4HD0atBys_bjBwpVJigkmbsgLhxrd_xLIPwLXhn8ELXMz9cwpMicwdm3D0g0863tipA0LparLq9fCLwtGht68j0Dj9o1GrrSOPYxqGBQqcVCMN76gnV58nz_o-RAjlh5vRN_ZdaT30Mrh1iqs-DuCwJ8ENlUgMUTqq_bifqn0jABqKJvMcQyx6b7dxts4uNBjN330oWv1wd9OqRqPZ_MyYTpUMjf3KesKyaHot4DDeHN7iV4YMboLDpphGczD1pnAjvIqSCJnDnbrieUow2w7U_WktVENRycYcBd29urOty8lRo4YdcloA13tSdxHT7rFAJAigZnvyIukM259enBlATypzNOQBBDVSADJj-BQfRJeiMNd395L2p_4b3Sh4RrNgzu01XQD7XlNUqxHQcw2g62uc3KD9E-56-cYV3XP_9N9U-wxRHWAGE1NGbh7u7ujZPYM5CTDL-MEH2a5EG51hTWFWZdhb0nwaD8zmqtA5zJulS4EJ1DkuzfwSSFowJeFs-6zJDSf0usCpAASIMEP-4IQktMOwSsYweDeU6kAnHhUdVsL-uogBAXEcE92-OCfSeGQdUH7I1TXLGtLDE-fZmxGJ-Ye9GBZWw-UD7BExUU3GbkKjBGiiIv8Awg6sO9POLmschx33bh4BCdJvv1Y8ouBpoC_Edz0lRKB5RNVcbgpBMAcdUAbt3r9n9iP9I3Uf5V_8S85jlurVolTZ7KkoQMznUPIfm8_a1AomGJduB66wD2nDE52SRkBHxYVlkKmoxJHBMiVIeDdcsXajarJpytGZeBVCEcWZILrqdEaNvi_1w6_mHgkP_NtD5_aLv_9dOZjbTf8UjfZwvUh1d4OYQUrS3lPL0Lbf34F1f2yyJzk9k4AlOdb4RNKpnp5azK0K00Mdya2YFF2ry7x5baeaQls7HjAMUAMGF9rrmyBII5WxXidARNUwwmIkm_Av_WLRsDMJbfZdnXdSBxIJxVd3T0WPtRwj3tLiD6_7dXwb2AYJoFpSYMYTX4XWYb-r-v4lyHk3TBhtz3UEo0kcNudm5A0t8P4DR5aGtkgAbjdqD6m4H5WoUaKL2rZm9CX2Gys6RoiTEVX4gHC48MkQVfc2FC9HSzNzSOfa8ASJ4z3k3VkW0ypNTiwSzm0wuQSqFMeLIpbc_zqd6KiVDR6OAx6Hv0BZJ3tvCrWV8nsJudOTK4mEwo0MJCIF6PV4eNLsVHyVVYPFftFlsvskUWXcfwMx03d-6wL9pWRHpjxW36WWS54OJuB6I6cyYYYZ_ZYEZWYAo0P6bX3lBFldNQfg3b2NW0RLh7MTHRHV3KrWYz3fPiUhFBRt3aGzdZCYpcThX1CnFRKP6XepqR9IT9cWUk5qaxjNalTQM5A2Ye2y4Xy7YznraR36UUFal1i6qsd4Sn1DKTHgFvV6rj_4s7jtHbuleKAelatUsNepQGakS04aEmxziAkXp4lLcymd49AZz2ONzBeSZWov1t5AzeqgFFja1jdh3Uyo-jhouQWpAUyRrl35PrTLmRfR2H5rkGkg64seWpD_8PH92J1HCca_QUQOMGepyrLJKYmBjqVpndqKBtPzmmbf8I4SWyhvHAw9_p0GFxsk2POI_kmyONDknPJ2q8UaPQEiGQVcJCy9DV3EuvsEr6FCzlG_WPX3refhJNnWx_ZUhRr6G16zJgoXENxOx70JJCAZclGn7ayFzoP5pgRXy_ASlqazwAHjQcqilU0ZTEL5iY42C3L-abF7oKJm3tuy9dRHGS2Lhy3ecykM3tolz9uxBT6R9WLCCZZHUZ4wP2PsKWOU2Y5aOARj3F8BYNfZwCSYSIlrT5zLc0S0Jqyx7KIY4-4ULn9lVKteLSz2UCU5MdkbFuUBaDxS_0KYi8s8iezotQSYiOTwD_RIGeNqRhh91sKm6pLXx7aV8XBTkl-WI0mxoOhdXkwOQF_xmnBREvX_8GUbchu3bcLtzmNSzFFyTUd0JDRUYFcyKOIT_zTd-yBChii4r3W4gQ6QJzSseRtEIcJ1XQmK1CpFf7U-bxk-Ha8hFA_hEGOQWxnQEOq0swnSg3xJZSwrAcGfrJUnFS312pyo-vWOj1JvcK3Nz3jtTA3d3AvWO76LdJi-DPDVOnS8KBZcOLKWQK468AqWrQMa0O11-V7bhQNf9lt2aF4ju0W5-CHhaZeyGTgYguzGV-Fjycm28dn6p1T0IZgetCS1WXGOAQEFOqtRhTuVv3Oa2lGe-CjtrMrNUDViAfJ0C2s731ZTo4GX923IVeibhF8YoUoOQkKMXpJm1ae6IZc5B2rRxUVRsntfEVzSLZPihcU6X1hIczc&cid=CAQSOwDq26N9QLQhAHLmUYY9x69hBxYqivBUehV17dTd7KuguyAKd9JdjXsfEsVaqyjWmbSfkObNXqBaOXMIGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbanks.org%2F&ds=l&xdt=1&iif=1&cor=3475551814008174600&adk=1761367587&idt=98&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:06:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:06:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 0C35 28 KB
11 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 17:06:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
server: cafe
etag: 10713822464293745175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 17:06:21 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15637646851658108754/ Frame 676D 5 KB
2 KB 23ms
21ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0442992dfd1d698762ad163d6dbfaf0ccc3a9ccbbfc5e0820ad34762dfacf56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 107461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1638
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 14:50:53 GMT
expires: Thu, 18 Jan 2024 14:50:53 GMT
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0C35 0
0 78ms
77ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveg3W2kbd-R6iJsRk-2bwlLWejqvCAZsu66HJXrcRbz17AHi0fb5Mprr7oAvsls02CDW-6pliOVjc4KiYy35v6Dv6ZRJRt3ukLHag7YqPNR8IP8gbXGCf90WWcAeTqB3oKEl2VuiMxoMQwZBQVyK1AfygLfsxFz1Xv0jALaePILJXXLTJACkmbTz82YaeZHJylSNVcBdye2iIoPnL6c439qApWmwzPzAxPS465v1eWlwSr_r6VAp-1VUYDuoNsG3thb1IzPanYbhjVaUKQZ8g2PtoLAFw2KTNdbOkKWKR_VEO2n-uUusG0m2YRpI4R1nPCLX0IcHj44HNGqpg_w4kmiynMOCKlJ8qD7zsngA4MqajTlZwcZNYoJ2d-KWuT2V71QnFYhJ7tgNKOGH3hhV00lCtG9CijgfO8syOidqht5Y2E_h_raFQGebU6DWrHaUAkn1Q89OOUkjFOLF72-QBOtY7qJ7DsTVreES0IQRpIg4dlaZt6-F8s6HTQO_OFOQiQjkDHypsOACiogoCZItkntVii7VcFAFMS6rItOKVB50SfDx1jOqG7caKa6mtL28yMFCXZABz3XP7P9rTSMhRgY-ILG-NrmusJPZ6rgW_SeuACPsooGZZtEm5H18F0zmmWNX1YKMnRIbSaRK2f5mpbFGOyPjj3LqsK8ayGwdYVsU4XQmQjr1y46nuLZsUC98c0IlWjJaPa3ggNbfWP4bNDOFTMFjNnrx7x7ll-qmVKZiKeh8uxj8x-TBBFvxbOLINAjxX5-oDSpIvYlokSmOazi0qfzjF16V_EeTLeTycnRqIvXbWTn-fJfKHK7AxC0SURxEoN_rkJu7uksJpOA4uYQUxpIawxRVI-ke3Zvvf2REhzjXSFUwPxeTAT6XD2atuIy9DuE-Qk2CDvGgbc9Oc1M54PMePwi5rVOoKjVKlyV3I1EFRT_ZsaYfjVsyIgqBOZuVOL_pmCBVi7Ss27oKb-7zYi74AtjFn3onAxkxOajR5BRdcwycf1tqFZy72ke_J9A9hrVBvS1_tBOrWVpdnKEyLx46Au0pOwOfkiQ7-dCorH_jR3PrRiY63Vy9W0cwTx1HUxMKqgqjU06m-7Y8qgg-qGZUAcy3MN9XutsC81_mZuAj1t4unAZTfHkWTnHEPvy1jmq3MyWqYmBvgI8BxXLbkual6-i7hU7aO7HDIz07xg_t6HpMmgjDml0PP7KPYbEesr_GKCX6m2PN-bqdThu-RUQhvrt5_gqFqZ2iWXxWnmMQQ6Ufn-dHgPNNhpGUKtWcbAIw&sai=AMfl-YR7McD9QXnQw_TRnoVSfLAhjSqcXmYLzGLGhiFJnEUoN02HUjNSnLxIh_SldmZa4ZtMxzhcl7M2jFD0M3BpkM1jGBXvLcRBZX53dbN5yNBkY5N-yv3d2FTaV7zlSuFgSxEPuxTKHeOqQ54r4n7tNHyiI0uUBeoT3jI5YI9dF0MjurKmFwKNtbCAQBPadZjOhVO640GYm9YnYpJ3USo1ZT36OfeubyO9Bp_90lrdbSqLTlo2yK-AzLbeWLojkP_nW9-SCQAPwCs&sig=Cg0ArKJSzA6v72L3tVAyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=47&cbvp=1&cstd=43&cisv=r20230118.98898&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0C35 41 KB
15 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:33:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B27 1 KB
643 B 34ms
33ms Document
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 06:31:40 GMT
etag: 48472445140208031
expires: Fri, 20 Jan 2023 06:31:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0C35 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3432337e3b7dc717844c39566debabf28029a2c2d723fc10b6eb4e952ea1451f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 style.css
s0.2mdn.net/sadbundle/15637646851658108754/css/ Frame 676D 1 KB
493 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44aee712f89e4dba6b188165680533e1be14f44ec6557766f086bd9c18498e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 456
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 16:39:59 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 27 KB
27 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf1da7c9e047535b9e028b69e1714e68f9015e3c1fd70fd810bb86c499f4fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 08:31:45 GMT
x-content-type-options: nosniff
age: 216609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27873
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 08:31:45 GMT

GET
H3 200 copy1a.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 5 KB
5 KB 39ms
37ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/copy1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a961736ba4b49857768c117032901c13633d9eb3a6612cfcf5f62d41fce40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 16:51:05 GMT
x-content-type-options: nosniff
age: 186649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5581
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 16:51:05 GMT

GET
H3 200 copy1b.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 4 KB
4 KB 37ms
35ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/copy1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

602e62e7f0887a0c6421617ce84dfd53e2679063719c3965cc23a10ebfa44dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:19:40 GMT
x-content-type-options: nosniff
age: 123734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4282
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 10:19:40 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 17 KB
17 KB 31ms
29ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f930b9eaead8b720f16f7f43cabb57ad5d840dbeb35de1372101502d42afe9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 03:11:29 GMT
x-content-type-options: nosniff
age: 235825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16953
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 03:11:29 GMT

GET
H3 200 copy2a.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 10 KB
10 KB 36ms
34ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/copy2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cab8c4192cfed20108335aaceae350af7824b17dc64335ed02e10b30309c7e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:03:54 GMT
x-content-type-options: nosniff
age: 488280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10492
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jan 2024 05:03:54 GMT

GET
H3 200 copy2b.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 4 KB
4 KB 29ms
27ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/copy2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5555e4b9a07b366fee2419e186e4463a24d342e3bc67c78a2dbff3c9dcfae466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 03:01:39 GMT
x-content-type-options: nosniff
age: 150015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4287
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 03:01:39 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 20 KB
20 KB 27ms
24ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524e908a23be3cf6f130093a802407ac2c5da054e3a961ef69a4fc4d399e6f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 13:42:53 GMT
x-content-type-options: nosniff
age: 197941
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20826
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 13:42:53 GMT

GET
H3 200 copy3a.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 9 KB
9 KB 27ms
25ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/copy3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05061ec663a6962900d1fbcc34ae198b0bd103eace2535f40857adbca8077d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:08:41 GMT
x-content-type-options: nosniff
age: 138793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8859
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 06:08:41 GMT

GET
H3 200 copy3b.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 7 KB
7 KB 29ms
27ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/copy3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabd54938fbdc28253f820059fbdbbb535443d7f12ce32b2d3a319583280e272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 05:34:49 GMT
x-content-type-options: nosniff
age: 227225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6977
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 05:34:49 GMT

GET
H3 200 copy4.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 5 KB
5 KB 40ms
38ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/copy4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a961736ba4b49857768c117032901c13633d9eb3a6612cfcf5f62d41fce40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:03:10 GMT
x-content-type-options: nosniff
age: 117524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5581
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 12:03:10 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 2 KB
2 KB 39ms
37ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c39893215953eddfa50dd9a577d0d54fdbd7849af9ce1a2b0e63527cce1a70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 11:59:45 GMT
x-content-type-options: nosniff
age: 204129
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2384
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 11:59:45 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 928 B
962 B 39ms
37ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7db99eb472364cbda10f8ae05cc2a2682fb1c62127b09c54005403fdbb0ed783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 08:31:11 GMT
x-content-type-options: nosniff
age: 216643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 928
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 08:31:11 GMT

GET
H3 200 cta1.png
s0.2mdn.net/sadbundle/15637646851658108754/images/ Frame 676D 878 B
912 B 38ms
37ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/images/cta1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

987103495b2c36ebd1cfe0c8d9225f6900c7b822986106ecc63302337d8f344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 08:26:49 GMT
x-content-type-options: nosniff
age: 216905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 878
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 08:26:49 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 676D 60 KB
24 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 banner.js Show response
s0.2mdn.net/sadbundle/15637646851658108754/js/ Frame 676D 4 KB
768 B 27ms
24ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15637646851658108754/js/banner.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efd17d1f748a63ba68247a87b33545df959fa20051674652ad1ca3967bcfcfb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15637646851658108754/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 07:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 731
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:04:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 07:13:41 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0DFC 22 KB
8 KB 34ms
34ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 14:22:02 GMT
expires: Fri, 19 Jan 2024 14:22:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3B27
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA607MDK2qGS49Y_kwZxxhU&google_cver=1&google_push=AavPq0M-cpDV9EpuUj1RRKxq538WpF7OaylRmDh14H15LpXe5mGDAo_l6sTsFU5hDik3Ych0krS3Y6-1W27eKleJfT_beQpFyYus
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk0Mjc4ODk4MzQyNzc2MzAwOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA607MDK2qGS49Y_kwZxxhU&google_cver=1

43 B
398 B

62ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA607MDK2qGS49Y_kwZxxhU&google_cver=1
Requested by: Host: banks.org
URL: https://banks.org/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 19 Jan 2023 20:41:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA607MDK2qGS49Y_kwZxxhU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3B27 0
104 B 329ms
141ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEI-TUQS1_qkWaiCyQeglTWE&google_cver=1&google_push=AavPq0MA3swhPB3guavjgiciT0LAx7uVEbYBUZzzg3cyTBJTDr738HOpn4tCtsMdd7LlsieKUbN7cQnBVYgpTnIBsN-poEsRzXJcbQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3B27 70 B
265 B 172ms
49ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENdnVi5Yuj2jCVxMTf0GWVo&google_cver=1&google_push=AavPq0MX2qtDVQSoKoqaZqv418Nh0BluRz8-C9G5yZVl2D3pz08VR19HA7Se3F1b_C0DR81-8CIMcSilN5jzUnbWyj9r4VTHoIuy
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B27
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGxYBhxp_55q09sMq3kH4pY&google_cver=1&google_push=AavPq0PMbVJ5khgzr10BeUCkkG92MdEVnNWntJg53dMe_6KnlPj-WJFDYsaZf7Tgjdy92fDwLi3I1-nxgQb_vk...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDQ2NjM3Mzg5NTUxODM0OA%3D%3D&google_push=AavPq0PMbVJ5khgzr10BeUCkkG92MdEVnNWntJg53dMe_6KnlPj-WJFDYsaZf7Tgjdy92fDwLi3I1-nxgQb_vkg166...

170 B
188 B

33ms
33ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDQ2NjM3Mzg5NTUxODM0OA%3D%3D&google_push=AavPq0PMbVJ5khgzr10BeUCkkG92MdEVnNWntJg53dMe_6KnlPj-WJFDYsaZf7Tgjdy92fDwLi3I1-nxgQb_vkg1660uRW7IZwej4w

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDQ2NjM3Mzg5NTUxODM0OA%3D%3D&google_push=AavPq0PMbVJ5khgzr10BeUCkkG92MdEVnNWntJg53dMe_6KnlPj-WJFDYsaZf7Tgjdy92fDwLi3I1-nxgQb_vkg1660uRW7IZwej4w
Date: Thu, 19 Jan 2023 20:41:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B27
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEM_R6OYWNfcGGx_UuTWKXKQ&google_cver=1&google_push=AavPq0NyAm9He-ImiPwyzFE8dsgYPEWh-e7kvmNkQUzLXPNPA1CK8z70xGnXxtQ-cKmigaUXPnHOiZnIBVkNKITNnd2w0gn...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NyAm9He-ImiPwyzFE8dsgYPEWh-e7kvmNkQUzLXPNPA1CK8z70xGnXxtQ-cKmigaUXPnHOiZnIBVkNKITNnd2w0gnC9oW49A&google_hm=eS1jSi4xMlp0RTJwRWZL...

170 B
188 B

32ms
32ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NyAm9He-ImiPwyzFE8dsgYPEWh-e7kvmNkQUzLXPNPA1CK8z70xGnXxtQ-cKmigaUXPnHOiZnIBVkNKITNnd2w0gnC9oW49A&google_hm=eS1jSi4xMlp0RTJwRWZLWVhWbHg1UVBFT3Q5QWVzeVQ3YX5B

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Jan 2023 20:41:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NyAm9He-ImiPwyzFE8dsgYPEWh-e7kvmNkQUzLXPNPA1CK8z70xGnXxtQ-cKmigaUXPnHOiZnIBVkNKITNnd2w0gnC9oW49A&google_hm=eS1jSi4xMlp0RTJwRWZLWVhWbHg1UVBFT3Q5QWVzeVQ3YX5B
content-length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 3B27 0
75 B 208ms
32ms Image
text/plain 185.86.137.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHYOJuCdhobYUXWJ1VQ6xBE&google_cver=1&google_push=AavPq0Ob1gduaqSRpxuikAk8dECxmW--vVXKDz9zMYUvlPfjMYmcx0eb6xbcab0spaMr4fML8ssGs-ax_NvLY3S2VM0MXj6bFoCR5Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9300874048195348&output=html&h=280&adk=3039446094&adf=1308214307&pi=t.aa~a.343856025~rp.2&w=336&fwrn=4&fwrnh=100&lmt=1673452314&rafmt=1&to=qs&pwprc=3371083428&format=336x280&url=https%3A%2F%2Fbanks.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674160912992&bpp=1&bdt=2038&idt=0&shv=r20230118&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19573434241cd5ba-225c363054db0054%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw&gpic=UID%3D00000ba590a504ac%3AT%3D1674160912%3ART%3D1674160912%3AS%3DALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w&prev_fmts=0x0%2C1200x280%2C263x600&nras=4&correlator=3179884074230&frm=20&pv=1&ga_vid=161532453.1674160913&ga_sid=1674160913&ga_hid=2098212004&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779793%2C31071579&oid=2&pvsid=4026102940876832&tmod=618377683&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fwoQU57OeO&p=https%3A//banks.org&dtd=322
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B27
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEinBMFuGrM-ebLOsi6Ccag&google_cver=1&google_push=AavPq0PIvPe_A55zw...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D&google_gid=CAESEEinBMFuGrM-ebLOsi6Ccag&google_cver=1&google_push=AavPq0PIvPe_A55zwkss1A07HBCogX8uwL...

170 B
188 B

33ms
32ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D&google_gid=CAESEEinBMFuGrM-ebLOsi6Ccag&google_cver=1&google_push=AavPq0PIvPe_A55zwkss1A07HBCogX8uwLTnGJEWK_sbRTxtvXCXVV2jDKsjhzvqNfr6oHzSxF1Ub6SuTyt41fvNMWi5C-Pf7awXUg

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Jan 2023 20:41:54 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7b2040e3-2a85-4a66-9405-fb5564aeeecf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg1NjM0NjE2MzY4NzE1NDc3Ng%3D%3D&google_gid=CAESEEinBMFuGrM-ebLOsi6Ccag&google_cver=1&google_push=AavPq0PIvPe_A55zwkss1A07HBCogX8uwLTnGJEWK_sbRTxtvXCXVV2jDKsjhzvqNfr6oHzSxF1Ub6SuTyt41fvNMWi5C-Pf7awXUg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B27 0
12 B 29ms
29ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYroPOXJ0Qz3BPa2FYeDhCByQhydkkL_3qiXR-077JC9Gb6CXcFOH4xOstgq7dA-8FxbKSSg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DFC 36 KB
16 KB 38ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 18:28:24 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0C35 0
0 70ms
70ms Fetch
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveg3W2kbd-R6iJsRk-2bwlLWejqvCAZsu66HJXrcRbz17AHi0fb5Mprr7oAvsls02CDW-6pliOVjc4KiYy35v6Dv6ZRJRt3ukLHag7YqPNR8IP8gbXGCf90WWcAeTqB3oKEl2VuiMxoMQwZBQVyK1AfygLfsxFz1Xv0jALaePILJXXLTJACkmbTz82YaeZHJylSNVcBdye2iIoPnL6c439qApWmwzPzAxPS465v1eWlwSr_r6VAp-1VUYDuoNsG3thb1IzPanYbhjVaUKQZ8g2PtoLAFw2KTNdbOkKWKR_VEO2n-uUusG0m2YRpI4R1nPCLX0IcHj44HNGqpg_w4kmiynMOCKlJ8qD7zsngA4MqajTlZwcZNYoJ2d-KWuT2V71QnFYhJ7tgNKOGH3hhV00lCtG9CijgfO8syOidqht5Y2E_h_raFQGebU6DWrHaUAkn1Q89OOUkjFOLF72-QBOtY7qJ7DsTVreES0IQRpIg4dlaZt6-F8s6HTQO_OFOQiQjkDHypsOACiogoCZItkntVii7VcFAFMS6rItOKVB50SfDx1jOqG7caKa6mtL28yMFCXZABz3XP7P9rTSMhRgY-ILG-NrmusJPZ6rgW_SeuACPsooGZZtEm5H18F0zmmWNX1YKMnRIbSaRK2f5mpbFGOyPjj3LqsK8ayGwdYVsU4XQmQjr1y46nuLZsUC98c0IlWjJaPa3ggNbfWP4bNDOFTMFjNnrx7x7ll-qmVKZiKeh8uxj8x-TBBFvxbOLINAjxX5-oDSpIvYlokSmOazi0qfzjF16V_EeTLeTycnRqIvXbWTn-fJfKHK7AxC0SURxEoN_rkJu7uksJpOA4uYQUxpIawxRVI-ke3Zvvf2REhzjXSFUwPxeTAT6XD2atuIy9DuE-Qk2CDvGgbc9Oc1M54PMePwi5rVOoKjVKlyV3I1EFRT_ZsaYfjVsyIgqBOZuVOL_pmCBVi7Ss27oKb-7zYi74AtjFn3onAxkxOajR5BRdcwycf1tqFZy72ke_J9A9hrVBvS1_tBOrWVpdnKEyLx46Au0pOwOfkiQ7-dCorH_jR3PrRiY63Vy9W0cwTx1HUxMKqgqjU06m-7Y8qgg-qGZUAcy3MN9XutsC81_mZuAj1t4unAZTfHkWTnHEPvy1jmq3MyWqYmBvgI8BxXLbkual6-i7hU7aO7HDIz07xg_t6HpMmgjDml0PP7KPYbEesr_GKCX6m2PN-bqdThu-RUQhvrt5_gqFqZ2iWXxWnmMQQ6Ufn-dHgPNNhpGUKtWcbAIw&sai=AMfl-YR7McD9QXnQw_TRnoVSfLAhjSqcXmYLzGLGhiFJnEUoN02HUjNSnLxIh_SldmZa4ZtMxzhcl7M2jFD0M3BpkM1jGBXvLcRBZX53dbN5yNBkY5N-yv3d2FTaV7zlSuFgSxEPuxTKHeOqQ54r4n7tNHyiI0uUBeoT3jI5YI9dF0MjurKmFwKNtbCAQBPadZjOhVO640GYm9YnYpJ3USo1ZT36OfeubyO9Bp_90lrdbSqLTlo2yK-AzLbeWLojkP_nW9-SCQAPwCs&sig=Cg0ArKJSzA6v72L3tVAyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=163&vt=11&dtpt=116&dett=3&cstd=43&cisv=r20230118.98898&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0C35 7 KB
6 KB 72ms
71ms XHR
application/json 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

160634fc8f98cdc2e03b5d314c91fc42056681960341e6f2865ebd8a96413b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0C35 17 KB
6 KB 108ms
108ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DFC 0
20 B 155ms
155ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9cEAEqvJY9TTGvrK7_UPiueYoAEAAAAAOAHgBAI&bg=!_P-l_7vNAAYDMoyoIzI7ACkAdvg8WiqxA690eLFmE0Pp6ljScDK2Q5zkDtQHK05ANix6huzcTpr1DwIAAABLUgAAAAJoAQcKAEcnznpnmHq-7WtDiBMHmHfWGcF4_urd-gAiJoJlDjO2vizDfufaoB1Qm6lHstW0VLB9rxFifhKiIkjx1jrxoiTMWrX8gV6vxJkC6Y9ettdxJK3WV95qYOA15OW9LZnTuv_R9_zTAU7ROyL5eIWl09KqRBMKeGwduKDFzn8NSDRoGEyCy2XjbyPiUF5UhKs2JTpftstpxcVrmUR3UovOFcVIDtwowYRNY3IrR-l5s3k0Od2r7qsjL_ahvP1rLy8qZzy31eTFmNL_oettyugyu6G5FmriJqme6rObXU9xG_GG5FA47Foc2xEvHz0ZnOg6hcb56yhusoOiB6BzNfsxhwk0oHGJ9f9r-pvHE4ppZP2TQGSmgKgGsMMWEwo-1wcK-Dp3mpUECha287RUxyBTdXKQHz45Hcy9D-qUtJPba7hHioZ-lSUdhrnOXrqpq9B9Gvn2WgbcTESz27055L8VzeUpKttzXwzdiXuJK5rfmlxqjlFrrSjDCqULDhOa7UpF6yG3NxX2pKP-3WxxNUSEZD_A9DW8uENGcFspqiJehzNTmoeLYSU55c3lhQkoU6paJ1dmLUdKVZT2mcxT84Zstt6Xeh8P0D2FSisS8wwQUgeL9CQnZE-zxQ_yooYIsKSeiZz2MxBEYDsdx6jJczY4Em_j7uWqxu9d7SN3wEiURUrBLzFSA4IMTOqErSfl-vdiRp77O2TQ49yVIoY1YbRuSVkaSZF39gi8Hczd1-LJ3txBztkvE_ANPb878cDiP3W3-Uj8SLLIvxxSxMDExa_VS9lr50SpcAMhSJ8YVoYMDCv38Ng2C4DpZkiPW1AjSpxe6gVwO4Zi6bvSdVZDB8Fucu8eX_yCMVIg5iTVljp1zhFcIOFcPZzb6dLNIS6y46gzvvtNH8B0NNad2yBUnUmKdp20_REvfYoAoAw-SVos95w0UKJS-hgsWuV5fsPodp_dvXnIlzowsDxSb58QAbBUcOUDP1SzdpT58KIqFs2Rep1WBKl0oGP5VqD8VGhloZdKpHsNC40qWflWi89GocGoHWI4GuFUh2L_5t0qqrzhmt5MOWkjwX1Bi7GTKRjYXq_xhnPORSA

Requested by

Host: banks.org
URL: https://banks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
82ms XHR
application/json 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

285084724c0d3d6dd41438020dfa75e9bfcf67dff226767381fddedd9e2e2598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11076
x-xss-protection: 0

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DBC 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 18:28:24 GMT

GET
H2 200 794-featured-336x159.jpg
banks.org/wp-content/uploads/wordpress-popular-posts/ 22 KB
22 KB 206ms
204ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/wordpress-popular-posts/794-featured-336x159.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b9dad9cc2b20c83730fee65fb98286b28436e715427d2494ed3cbbfdf0c4f832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
last-modified: Tue, 16 Jul 2019 07:10:45 GMT
server: Apache
etag: "565e-58dc713474740"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 22110
expires: Thu, 16 Feb 2023 20:41:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 69ms
68ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 20:41:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B958 13 KB
5 KB 35ms
34ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 137413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 06:31:41 GMT
expires: Thu, 18 Jan 2024 06:31:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 623C 783 B
536 B 72ms
72ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e81d362248a512e1253936330d6225e340fc47a319bf2a3cbeba83bfca30df4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F-0vK7JT0ksGUBrz_OZWLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://banks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-F-0vK7JT0ksGUBrz_OZWLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 20:41:54 GMT
expires: Thu, 19 Jan 2023 20:41:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame B958 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 18:28:24 GMT

GET
H2 200 citi-holidays-846x400.jpg
banks.org/wp-content/uploads/2022/12/ 56 KB
56 KB 201ms
201ms Image
image/jpeg 2607:f1c0:100f:f000::253
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banks.org/wp-content/uploads/2022/12/citi-holidays-846x400.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f1c0:100f:f000::253 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 29fdd734852b4f6ce48f9560d82467cd1a1ad75da8233b86b1a1a09646254401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 20:41:55 GMT
last-modified: Thu, 29 Dec 2022 15:04:51 GMT
server: Apache
etag: "dfb6-5f0f8ce91819c"
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 57270
expires: Thu, 16 Feb 2023 20:41:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 623C 0
0 148ms
147ms Image
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=4026102940876832&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A441 42 B
64 B 155ms
154ms Fetch
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulDTIMP2xT-M1vb2dWF4ZMFOfwYRXCs7iv2dml8a6SCf31rGOYnBDHwhHkW3hLYTnO4ghZHGDwHUbnGg8pQjetn8j3QpRROA9f4_qYjfpnCacacxbnS6zZXkRlfTVfVmgkSqXwMA&sai=AMfl-YTDBgSTlamrqLV-XZ-Iie9Z_Fqjpo7BTk0M-AuM2CqaFP3EZUxfq9HrBxWhT3MgPchcO8POPEur0ZLFH8A&sig=Cg0ArKJSzPyisjk6uMXvEAE&cid=CAQSGwDq26N9oj086IRgQX1pWJ-nruZbtis07pBAPhgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4144480424&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674160912777&rpt=1420&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 0
20 B 149ms
148ms Image
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=3819253069018097456&x=1&ct=76&dl=2&ds=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 155ms
155ms Image
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=4026102940876832&bg=!5-Sl5KDNAAYDMoyoIzI7ACkAdvg8WtUyC-ClK5kYqwYBaUsop3agKMmPqaYTi7UBMrZDhREvnBdiBwIAAABHUgAAAAJoAQcKAE26AJfLRL1dUXeJ_U0QN6eCDZ-UMjtHLwglKO9j6ynkVeBSqkNme8gwzdblj9BrSs9Ak1RBR33ohaCjlAKAEnavViRWuxRWYbyitZLtu5kCooJ8enYWlIi7IRejPvLJnz9EsLigzR98fYIgSR2F_hgTOeVr9qUS1AIbqB96h9iXPA0WPQCOMdVAIweOYjowLBg_Rk-HrHnVXQVMoTfjwZaTyo6RPgc41mKXKCiJvgsPDYr3sqisgheJFRBviW3hftQn_3wkHFzCeVj9_CTDHRlXAy1X6rWqko5yyIiKV973yTSxCmKP2KJ69y5Cry1CpH5-vlR4E4bhFK1v28tP8QxB5vEROjA5rrim9axA2VZe_CBSPe-06ceJU3DDSLQDC9H3VRXby7GH9MNJgvgYp60kwhI363uWrxI9wANbyTtgwWqFD5UyBzX6cCJnYotte8McubNB4XI7Xp3FehbEkW7Lz7hkiRbt-cM76Dxw2asExRovn2NJh7waG-_LTY6H4apXr5jK_Xv9xqYA8i4oH34Z9yrly5n98rVI1sE9UtJy4LT2FeM5AjQvF5OcfJe_Vba8AmVuVzp5fX-gfJEmUA8MJX23QUSu1q8Gqsu2hYZCQLso0isZSXMa56hd-JjU-Tgoex8wmosxN3ZXrADec_4xJEKiKjZUH4G5UT8bSUbFcHDbU1B58i1V8yv1z0m_lF72sX_PfAX_jNqI0IPq8y7cJb3u2f-QEyL1Nx9dsTtRdoX7sd6gv91k-d3sNl1q6bYncoLP9VHI-y_2lBTabZIyhE8vNZuPIind3xm3CJOxw9MqS88focdpFYHmfPTzUmS02g0RrxjOh_QjcAUd8wfrmFtPMFl9prBMYnOmLiS9tAbhnpWwICaNjgV8TgtTjkHoPDD_1E7S9UKgzuZApQ9Iw2B9Ci4AM080kjavzVfd6wLfI5tgVKKxz6j37fpyC4wqdEcTUiRInzboCwR7ZwpsqfZj7f1Dm0E9Fvk0pjb1Bqaz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C35 0
20 B 150ms
149ms Ping
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3372409531656&version=m202209210101&ct=76&x=1&cor=3475551814008174600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D8 0
20 B 148ms
148ms Ping
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9438922073907&version=m202209210101&ct=76&x=1&cor=3819253069018097700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 20:41:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
367 B 123ms
46ms XHR
application/json 35.190.25.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1674160917267

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://banks.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Thu, 19 Jan 2023 20:41:57 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://banks.org
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H3 200 Tuitype-Bold.woff
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 32 KB
32 KB 20ms
20ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/Tuitype-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:00:28 GMT
x-content-type-options: nosniff
age: 139289
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33164
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 06:00:28 GMT

GET
H3 200 Tuitype-Regular.woff
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame F896 32 KB
32 KB 22ms
21ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/Tuitype-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:00:28 GMT
x-content-type-options: nosniff
age: 139289
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32792
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 06:00:28 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.banks.org/	1970-01-20 17:48:16	Name: mp_a211e7d3be743a0c4011c2a226c99284_mixpanel Value: %7B%22distinct_id%22%3A%20%22185cbc4378e1145-03fd1e8e1abf18-13363b7c-1d4c00-185cbc4378f1089%22%2C%22%24device_id%22%3A%20%22185cbc4378e1145-03fd1e8e1abf18-13363b7c-1d4c00-185cbc4378f1089%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.banks.org/	1970-01-20 18:24:16	Name: __gads Value: ID=19573434241cd5ba-225c363054db0054:T=1674160912:RT=1674160912:S=ALNI_Mbc9LPEcb5F7x9Qs1YdTmMtTK4zrw
.banks.org/	1970-01-20 18:24:16	Name: __gpi Value: UID=00000ba590a504ac:T=1674160912:RT=1674160912:S=ALNI_MbqEd_CbzLhxdRos9_HMzbiSN1v7w
.adnxs.com/	1970-01-20 11:12:16	Name: uuid2 Value: 8856346163687154776
.casalemedia.com/	1970-01-20 11:12:16	Name: CMPS Value: 2148
.casalemedia.com/	1970-01-20 11:12:16	Name: CMPRO Value: 2148
.casalemedia.com/	1970-01-20 17:48:16	Name: CMID Value: Y8mrEf7EB-.Db7oPEgSXZwAA
.quantserve.com/	1970-01-20 11:12:16	Name: d Value: EDsBCQGLKIEA
.quantserve.com/	1970-01-20 18:32:55	Name: mc Value: 63c9ab11-e0cea-7fcce-e549d
.yahoo.com/	1970-01-20 17:48:38	Name: A3 Value: d=AQABBBGryWMCEDbOxZpgh1DEDM6NAGWxI34FEgEBAQH8ymPTYwAAAAAA_eMAAA&S=AQAAAl-vGP0z3fcYbHwLtxO_Kf8
.analytics.yahoo.com/	1970-01-20 17:48:16	Name: IDSYNC Value: 18yx~29ik
.everesttech.net/	1970-01-20 17:48:16	Name: everest_g_v2 Value: g_surferid~Y8mrEQAAARE7BwAb
.bidswitch.net/	1970-01-20 17:48:16	Name: tuuid Value: 94b0b776-1611-4158-bf61-717a0a119905
.bidswitch.net/	1970-01-20 17:48:16	Name: c Value: 1674160914
.bidswitch.net/	1970-01-20 17:48:16	Name: tuuid_lu Value: 1674160914
.bidswitch.net/	1970-01-20 09:02:41	Name: google_push Value: AavPq0PqkOKTuWJtt95iQZyZDaPnC18u6tU5c65_MR_G_WsvFoeIyb5KBvlkbJmV0tiCHjk-kajGWIIywTv7dCF923TkHGQ4ZG1UaibBZTtbvwWF5oZDm8qZUAMgwwCxW9D-9Q4I9nsMRJN8Ysc
.doubleclick.net/	1970-01-20 18:24:16	Name: IDE Value: AHWqTUnv-D2xTGnNfsurOh501AqDwELszDjhXqyjo7Sde3fshdC_SdtBrwcUsTjXKf4
.adnxs.com/	1970-01-20 11:12:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTzh1T9F!]tb:8i_iqf!oN/@E'zz<Z0Qs+It1Ggx:_nyETldD]ZF)Nom'TcN%Vk=]_pTD._PlZ[C[-kX-4Z7G`
.adfarm1.adition.com/	1970-01-20 11:12:16	Name: UserID1 Value: 7190466373895518348
.turn.com/	1970-01-20 13:21:52	Name: uid Value: 3942788983427763008

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.de
api-js.mixpanel.com
banks.org
cdn.mxpnl.com
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s0.2mdn.net
secure.adnxs.com
ssbsync.smartadserver.com
static.adsafeprotected.com
sync-tm.everesttech.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.251.39.66
151.101.66.49
185.80.39.216
185.86.137.122
2001:678:cb4:bbbb::11
216.58.212.130
2600:1901:0:498c::
2600:1f13:800:7780:b826:cff2:4f34:22ea
2600:9000:223f:bc00:8:48e:53c0:93a1
2607:f1c0:100f:f000::253
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2006
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:400d:804::2001
2a00:1450:400d:805::2002
2a00:1450:400d:807::2004
2a00:1450:400d:808::2003
2a02:fa8:8806:20::2010
2a05:d018:d29:3601:3fa2:8fc7:943c:2dee
3.126.56.137
35.186.253.211
35.190.25.25
37.252.171.21
51.38.120.206
52.210.92.129
52.223.40.198
52.29.44.102
69.173.144.138
85.114.159.93
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02320f9705025c1834687f547dc6c49d27cd68043a18936c9dac6120df5560bb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0320ee490488634cb46e11cee8d350d86fc11600286ed504888fc0af6141f0c7
0442992dfd1d698762ad163d6dbfaf0ccc3a9ccbbfc5e0820ad34762dfacf56f
0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98
05061ec663a6962900d1fbcc34ae198b0bd103eace2535f40857adbca8077d08
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
0972ea5ef30fec818c79787f12e9bf2060592cd219cfe09acce2a05355a1e712
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160634fc8f98cdc2e03b5d314c91fc42056681960341e6f2865ebd8a96413b8b
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1d59a0776921077ed9ef682b903c160005790ad0c4d8d4e4b50bdb458f19409d
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f930b9eaead8b720f16f7f43cabb57ad5d840dbeb35de1372101502d42afe9f
21fab37b6f1eac91c6d52739d68d01b4122234459ef60115c6f1ee227357eb27
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
257011aeda1d6a0056a630915ca6daff92ec03dc6e45df519a89a10c894f2e14
26c0ff25452c0df38cba6be960ed2632117c62a45bbb78d84c15edd9fe09d0af
26e57c1b495a5b20e8daf8b313ce5388286d3938ea5b18eeebd2b104b43e57af
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
285084724c0d3d6dd41438020dfa75e9bfcf67dff226767381fddedd9e2e2598
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
29d9662278ef63e7d75f26fc4f1d96b4aea1290ee2d001569dd90dab3b5a189f
29fdd734852b4f6ce48f9560d82467cd1a1ad75da8233b86b1a1a09646254401
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3432337e3b7dc717844c39566debabf28029a2c2d723fc10b6eb4e952ea1451f
3c39893215953eddfa50dd9a577d0d54fdbd7849af9ce1a2b0e63527cce1a70f
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
42a2138398903109e146c2aeec93115208dce08b843915bbd5be8a55ae15dfab
42a3e7eb21772042631226aa59844d39505b17934593db5ebf7a4f4681c36bfc
44352f2782055e78f474b678b4fb93ba8f39473a3480015c4b4f5de6906d6323
44aee712f89e4dba6b188165680533e1be14f44ec6557766f086bd9c18498e61
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
524e908a23be3cf6f130093a802407ac2c5da054e3a961ef69a4fc4d399e6f16
5555e4b9a07b366fee2419e186e4463a24d342e3bc67c78a2dbff3c9dcfae466
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5683e73002d98fa562f7b152f2d97141eeb1ebaaddfb6a56c1e34bd5e765f1e0
57f5fd80ce88993d7729a9b3534607c34413788c9ebbdd0a1ecb90eab26e9832
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a961736ba4b49857768c117032901c13633d9eb3a6612cfcf5f62d41fce40c2
5f1d89bc5364cdab08ab581ba923a894515829024ea669d3c2a43d79ea4fac96
602e62e7f0887a0c6421617ce84dfd53e2679063719c3965cc23a10ebfa44dba
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eedaa09ffcb40d7f0418f6ce57e64ddb706e506af263d980a3719cfd9787cd
6712b0994a3988b3097601c4cc76815e22ad4a1ac4bb43e740cb465fab87c59d
6a560701c39fb8d3594444acc70a9b591f0d77b740573df4cd4bdb9de2f5ac8d
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6c0087475dae0eb2ce22cc9ec70afdc94601e9b962dce992d6f13ff590e6f2d2
6cab8c4192cfed20108335aaceae350af7824b17dc64335ed02e10b30309c7e2
6fdd3111748775b4f8f58e0a3709c648da314d1b11e14838be0df6a3fa6f252d
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
76f52951e4880eb9712c68c37f40c977ca2a42b6f3f8e58f75c7ab74fa6535f6
79373afeea5950ed316c219ae0d008e483e172849d49b12cc2be115c3607278a
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
7b0b5914e6d575e31568f4375e1635a4c867d861d914a126ee007eea87a52b92
7db99eb472364cbda10f8ae05cc2a2682fb1c62127b09c54005403fdbb0ed783
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
876f181150664af9e30a4c1da6f8f95eb462aebeb8781db732ff6bc48a1f6632
881165abc0c62af9a1ace026192615efa2b487fbebdec445dda8eab2365a8de8
8bbfeb5b94f750bf430b299f794338d8af8749cea06463a5a5bbc9c95702d338
8d3660a7c0ed2b6f7d09fe26333a10e8bbddc5bb60a14ed86c38d7898c505e4a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e81d362248a512e1253936330d6225e340fc47a319bf2a3cbeba83bfca30df4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9824f812a64d358318dcf7f4f8e3feed3c33ba63b8bd505a6bc544113c5c1f79
987103495b2c36ebd1cfe0c8d9225f6900c7b822986106ecc63302337d8f344a
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b01b596141a53577b2668f103832ae0ce17b4019f118ac6811376473eab015c1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8278753710ce6e939a0c82614bbb441c5167b67f10ac6f768a84e0f910410e6
b84170c704c9b4038e176ff9d9270fa0f80c49c6dae64ca19f5b0dbeda6902c6
b9b653ee84e3052f0bc9096b24b78e15f3aae7bbc05561baad3b527bb5e6fcd4
b9dad9cc2b20c83730fee65fb98286b28436e715427d2494ed3cbbfdf0c4f832
ba78318acc6f2e7b17bf23a757d77f5406b9fea6989d0ea1b975f10692e9a567
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c40b3f5804156e86a5588aa67c3e0ad23679f84b66b987b40847fce66f0e74af
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
cb914ca1231703352d1bf40c3eead5fcda2dabc3535bae3436a2b67bc3681f41
cbe8c763a9ec6bd3cad599d7716d01309fd0a922f3b7f52d943bcb1ecb5e27af
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf51c0cecef50e2e8daf3e92f7b9880baf9c927a183e7fe3bffda9b402a8ddb5
da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dcf1da7c9e047535b9e028b69e1714e68f9015e3c1fd70fd810bb86c499f4fc4
df8684a57441a6cdb0a2e2fa54792015c43180a8cdeb59b6af5eed5fa36982aa
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1c179a35bbd5bd7f163ee50d2bd50ef441e5a5d321bff57ab78989540bdb068
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ef6cabd8cc928fc520e3d6a25b9557006fb6e7216d54f2f4dabd1e88305423
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e7b673fef19cc22d33bc7d7c31a05725a1154b6a3a357c4d9549264a1430382c
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eabd54938fbdc28253f820059fbdbbb535443d7f12ce32b2d3a319583280e272
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd17d1f748a63ba68247a87b33545df959fa20051674652ad1ca3967bcfcfb2
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e52879c56fb9b5d2d57dc7fdab0658474b04b871001a614b6aa6ec613e56a4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
f92c961367429e1d8877512a400d7b6ba208a79cd4eedb6c3a2a441954d67c54
fc7109dd6428c821842660a87bda6494e52c0f4ecad22105a1aed87e440ee0b1
fe882c8b5335f62577f971c21e9966c3531455194e0a5773c43ba792e6d6d2a1
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

banks.org Open in urlscan Pro 2607:f1c0:100f:f000::253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

91 %HTTPS

56 %IPv6

27 Domains

37 Subdomains

28 IPs

7 Countries

2344 kBTransfer

4939 kBSize

20 Cookies

0 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

banks.org Open in urlscan Pro
2607:f1c0:100f:f000::253 Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

91 %
HTTPS

56 %
IPv6

27
Domains

37
Subdomains

28
IPs

7
Countries

2344 kB
Transfer

4939 kB
Size

20
Cookies

205 HTTP transactions
4 data transactions