zwickau-en.1notar.com Open in urlscan Pro
195.245.112.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://zwickau-en.1notar.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On June 24 via api (June 24th 2023, 1:16:40 am UTC) from DE — Scanned from NL

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 195.245.112.76, located in Dronten, Netherlands and belongs to ITLDC-NL, UA. The main domain is zwickau-en.1notar.com.

This is the only time zwickau-en.1notar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	195.245.112.76 195.245.112.76	21100 (ITLDC-NL) (ITLDC-NL)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
21	7

4 195.245.112.76 (Dronten, Netherlands)

ASN21100 (ITLDC-NL, UA)
PTR: failc749.vds

zwickau-en.1notar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	207 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	10 KB
4	1notar.com zwickau-en.1notar.com	6 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	601 B
21	5

	Domain	Requested by
6	pagead2.googlesyndication.com	zwickau-en.1notar.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	zwickau-en.1notar.com	zwickau-en.1notar.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
21	7

This site contains links to these domains. Also see Links.

Domain
zwickau.1notar.com
zwickau-ru.1notar.com

Subject Issuer	Validity	Valid
berlin-en.1notar.com R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://zwickau-en.1notar.com/
Frame ID: C7D38BCF73936E918377B52FC25CFBF8
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: C3522BA6585202E7FE0F10C65117D9E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&h=15&slotname=8539308884&adk=827987284&adf=4040433847&pi=t.ma~as.8539308884&w=728&lmt=1687569396&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&wgl=1&dt=1687569396010&bpp=3&bdt=231&idt=232&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&correlator=4325487269930&frm=20&pv=2&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=APhg7wqaop&p=http%3A//zwickau-en.1notar.com&dtd=246
Frame ID: 5AF71963878A18EC3EDC16045BD011C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&h=250&slotname=6679432305&adk=2610157242&adf=2008276382&pi=t.ma~as.6679432305&w=300&lmt=1687569396&format=300x250&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&wgl=1&dt=1687569396013&bpp=1&bdt=234&idt=251&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&prev_slotnames=8539308884&correlator=4325487269930&frm=20&pv=1&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=166&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Jc5xzh0kQo&p=http%3A//zwickau-en.1notar.com&dtd=255
Frame ID: D561AF127059F726E4122CCB1DE0A646
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&h=600&slotname=6100847807&adk=2270681647&adf=2993912892&pi=t.ma~as.6100847807&w=160&lmt=1687569396&format=160x600&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&wgl=1&dt=1687569396014&bpp=1&bdt=235&idt=257&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&prev_slotnames=8539308884&correlator=4325487269930&frm=20&pv=1&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1262&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=IjthzEaC6j&p=http%3A//zwickau-en.1notar.com&dtd=259
Frame ID: A098BE2B421DE6005E9C871CDF53C216
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&adk=1812271804&adf=3025194257&lmt=1687569396&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&ea=0&pra=7&wgl=1&dt=1687569396024&bpp=1&bdt=245&idt=251&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600&prev_slotnames=8539308884&nras=1&correlator=4325487269930&frm=20&pv=1&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=259
Frame ID: C219FCD8AB3B75DCB60621B7C5EE59AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 646E12991A365681DC7E40CFB0247771
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 736AA18C3BD16814D7B05599EE3506B4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Notary - Zwickau, phone address, Maps Search

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

21
Requests

90 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

226 kB
Transfer

595 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://zwickau.1notar.com/
Title: DE

Search URL Search Domain Scan URL

URL: http://zwickau-ru.1notar.com/
Title: РУ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
zwickau-en.1notar.com/ 4 KB
2 KB 5094ms
5044ms Document
text/html 195.245.112.76
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://zwickau-en.1notar.com/
Protocol: HTTP/1.1
Server: 195.245.112.76 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: failc749.vds
Software: nginx / PHP/5.2.17
Resource Hash: 9afe6f32bba4b47011409e722f5ae160aea255429f6e683e30ce677f1a878f0c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=windows-1251
Date: Sat, 24 Jun 2023 01:16:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=60
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.2.17

GET
H/1.1 200
OK styles.css
zwickau-en.1notar.com/ 448 B
776 B 123ms
46ms Stylesheet
text/css 195.245.112.76
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://zwickau-en.1notar.com/styles.css
Requested by: Host: zwickau-en.1notar.com
URL: http://zwickau-en.1notar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.245.112.76 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: failc749.vds
Software: nginx /
Resource Hash: e987a80abe8716e68f47b078ff6eca4337876e97d74233b736b797145b8c6fd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 01:16:35 GMT
Last-Modified: Wed, 10 Nov 2021 13:52:50 GMT
Server: nginx
ETag: "618bceb2-1c0"
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 448
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK notar.gif
zwickau-en.1notar.com/foto/ 3 KB
3 KB 125ms
41ms Image
image/gif 195.245.112.76
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zwickau-en.1notar.com/foto/notar.gif
Requested by: Host: zwickau-en.1notar.com
URL: http://zwickau-en.1notar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.245.112.76 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: failc749.vds
Software: nginx /
Resource Hash: 3b226b4ad705ae48ad2ce2412df35261ae208e9b21eff82c0c4a53d5b3cbe705

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 01:16:35 GMT
Last-Modified: Wed, 10 Nov 2021 13:51:44 GMT
Server: nginx
ETag: "618bce70-c48"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3144
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
51 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: zwickau-en.1notar.com
URL: http://zwickau-en.1notar.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7acc3dfb04a414d5595efb09aaafdbbc81638e0679cac8aa251ef1dcb8c80a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 01:16:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51372
X-XSS-Protection: 0
Server: cafe
ETag: 2429770269375605842
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sat, 24 Jun 2023 01:16:35 GMT

GET
H/1.1 200
OK 1.gif
zwickau-en.1notar.com/foto/ 49 B
376 B 153ms
41ms Image
image/gif 195.245.112.76
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zwickau-en.1notar.com/foto/1.gif
Requested by: Host: zwickau-en.1notar.com
URL: http://zwickau-en.1notar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.245.112.76 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: failc749.vds
Software: nginx /
Resource Hash: 3efdc17b38de1e83e0de98e28e2b1633209c886a6bdcacc044bfbc5bc6f410fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 01:16:35 GMT
Last-Modified: Wed, 10 Nov 2021 13:51:44 GMT
Server: nginx
ETag: "618bce70-31"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 49
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/ 345 KB
119 KB 135ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3309229152503106&plah=zwickau-en.1notar.com&bust=31075510

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fe82d55dcc1992250e1bdfc112311d1bfbab7522bd184338022551861cda1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 01:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121330
x-xss-protection: 0
server: cafe
etag: 16170095998382130086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 01:16:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame C352 10 KB
5 KB 105ms
32ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://zwickau-en.1notar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 31465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 16:32:11 GMT
etag: 15057649708203361565
expires: Fri, 07 Jul 2023 16:32:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 120ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=zwickau-en.1notar.com&callback=_gfp_s_&client=ca-pub-3309229152503106

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3309229152503106&plah=zwickau-en.1notar.com&bust=31075510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6962145df76a8476fc845e61a4bd4af2d1f1ee9dd28dff3e2a4734a051b1900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 01:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 159ms
42ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zwickau-en.1notar.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 01:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5AF7 603 B
214 B 56ms
55ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&h=15&slotname=8539308884&adk=827987284&adf=4040433847&pi=t.ma~as.8539308884&w=728&lmt=1687569396&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&wgl=1&dt=1687569396010&bpp=3&bdt=231&idt=232&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&correlator=4325487269930&frm=20&pv=2&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=APhg7wqaop&p=http%3A//zwickau-en.1notar.com&dtd=246

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://zwickau-en.1notar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 01:16:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D561 430 B
405 B 179ms
178ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&h=250&slotname=6679432305&adk=2610157242&adf=2008276382&pi=t.ma~as.6679432305&w=300&lmt=1687569396&format=300x250&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&wgl=1&dt=1687569396013&bpp=1&bdt=234&idt=251&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&prev_slotnames=8539308884&correlator=4325487269930&frm=20&pv=1&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=166&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Jc5xzh0kQo&p=http%3A//zwickau-en.1notar.com&dtd=255

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffa30efec53093f4b2d607eae762106dafd6cbd954be271a810a94608917848d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://zwickau-en.1notar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 01:16:36 GMT
expires: Sat, 24 Jun 2023 01:16:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A098 430 B
377 B 189ms
188ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&h=600&slotname=6100847807&adk=2270681647&adf=2993912892&pi=t.ma~as.6100847807&w=160&lmt=1687569396&format=160x600&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&wgl=1&dt=1687569396014&bpp=1&bdt=235&idt=257&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&prev_slotnames=8539308884&correlator=4325487269930&frm=20&pv=1&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1262&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=IjthzEaC6j&p=http%3A//zwickau-en.1notar.com&dtd=259

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c08119010e3fc43cc16eb4ba736d6fc04c5b09297d8296712488fff0b0e3336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://zwickau-en.1notar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 01:16:36 GMT
expires: Sat, 24 Jun 2023 01:16:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C219 11 KB
5 KB 422ms
422ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&adk=1812271804&adf=3025194257&lmt=1687569396&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&ea=0&pra=7&wgl=1&dt=1687569396024&bpp=1&bdt=245&idt=251&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C160x600&prev_slotnames=8539308884&nras=1&correlator=4325487269930&frm=20&pv=1&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=259

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348a8602822686a5cbc4866f7fa1e74a96914a42117df8358823930814aee90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://zwickau-en.1notar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4543
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 01:16:36 GMT
expires: Sat, 24 Jun 2023 01:16:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 116ms
49ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

206ff5b2d470a1eb10ee205c8aea55ce2485c649e009ab7d203c77783fdd3348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 01:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11284
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 240ms
81ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 01:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 01:16:37 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 646E 13 KB
5 KB 63ms
61ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://zwickau-en.1notar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 31302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 16:34:55 GMT
expires: Sat, 22 Jun 2024 16:34:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 736A 783 B
1 KB 202ms
73ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5756bfbfc2845ba759a5d74df36a2103c8bb798759cc3bda7efeaa0d2e28b03

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L4AJaOjpPlEmYHsjLUknhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://zwickau-en.1notar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-L4AJaOjpPlEmYHsjLUknhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 01:16:37 GMT
expires: Sat, 24 Jun 2023 01:16:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Show response
pagead2.googlesyndication.com/bg/ Frame 646E 37 KB
15 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 20:20:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14515
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jun 2024 20:20:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 646E 0
10 B 33ms
33ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Amepzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 01:16:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 736A 0
0 67ms
67ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=895961643216860&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
71ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230620&jk=895961643216860&bg=!PD-lP2vNAAYQ3eRoMN07ADkAdvg8WhT-KlaBDk-ihBVNpKNKC56fCPCz2nfqKtUE1LRtTH36xr7gnzcbmOfhHpwZIBYNRx1a-A8CAAAATVIAAAACaAEHCgDUK2JoEa9VJjVWq5XW_d2dgSpTvR1sSVI1N2oEqvvgtHdFzxtSjQEhYgp1LCPOo6H6FByw5XU5mB6L7VkmV342RlyH_i3jUNthjvgtforqA1T1TEdwVuLcvplcBKjBXNpnAC-MmbBGtRrbQjgw-sprF4fnIC6PdqQS9bZ3ICBDKS8tMd6gEsKTesyHyN9J81J5fMOAruS6OZzDrzdPF_ot4hwrgwpU1C0VDJvZVWXO4MIch8xV71tG9hlZG34_8N9qNuuOifVKacq-0mKHyiTQzApOAtOZArNmnGt34zA5em6PD7lPphEeXD01S8ITJeQB18KijA7eBfuaANLR-VZhIc4rf8xeWn7ODqQ9d17gDB5VU8AWXEuKmW8Js8k0e7YqMIQiix7XHEi6UifHRfiCK1L0heoIGl2iPDTANd8Bh6SvMuURr_k55OuWNlJRsqg23yqvX9Nt7cCVoyuujukefGlyg595-zyjH--D30BB6imRF59BkJgNU9NEZmFhg9N7N6UzCjQI5Mxihwy0MEaWvOPuXDtthvL5I-ZVNeIIkl5mvSwJlHdVGlQrmQVCC_ivOen4pqOb89SyLYC37T3qbKef18u5sxoaNRH-RedGWHfPlAess-BGykP_LGRZO54c53jaftnBj9UMCoMduZ1EsDfyP4apG8G7hB7_yC1EFu43WCBiF50cfgd2wTI94Rlsx_cstsAGUUJPBc3SYxb1Ao_At1zJel1NXxTdqxFJlFkSlpDja1Re4XWdJR_BMrrrzS3aZzkJGdFrACQkLa6n6yyIKgBLlSv8jLqnrg-UIsshveL_JugCuokYprMDPfUHIhX0lZRHbbqCVM6dozhvxWm3vElQKfC0lQm88FQIRshLqPedDGVQhLXkPzXusYYWuMB83fBKOJvKlUEbMhVxbAylZZ4cHP9bOxpHdl9pwiKwvv5C8Aaqb5hHYSuCVWr_8s4PoiSUDCgB6DVdCLyp7h9a5H6uEMxWgP7-VvG6yyUI72ObocbYXFKqRef6Oan1OLIULkNjoKnna5vOlaBgW8oCA3miL7f-PlzUsbmJY--MxWKcxuivAxePbU9Ro5miK5wh3wE0nuOtG_0t9ImXfUGGZxy1Pig-eIf-W8GKie77Jd8Zm2Ro8P4FC_wPDnUR3bYWskrYwJJxWjW3jPjH6hAvq727oNL72dJ9kUWJJ5NGNKL0JZLhIwk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://zwickau-en.1notar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
zwickau-en.1notar.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 111d5c638315fd6dacb79dcbd9af24f7
.doubleclick.net/	1970-01-20 12:46:10	Name: test_cookie Value: CheckForPermission
.1notar.com/	1970-01-20 22:07:45	Name: __gads Value: ID=0ab975f64b7f89d7-222726cfcfe10099:T=1687569396:RT=1687569396:S=ALNI_Mar5_f7mbnpsm-bPAdxCZZcXtu8-w
.1notar.com/	1970-01-20 22:07:45	Name: __gpi Value: UID=00000c62c412f155:T=1687569396:RT=1687569396:S=ALNI_MZapRkf3HDkNJRtBwXAIPhmqD5RRg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3309229152503106&output=html&h=15&slotname=8539308884&adk=827987284&adf=4040433847&pi=t.ma~as.8539308884&w=728&lmt=1687569396&url=http%3A%2F%2Fzwickau-en.1notar.com%2F&wgl=1&dt=1687569396010&bpp=3&bdt=231&idt=232&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&correlator=4325487269930&frm=20&pv=2&ga_vid=453490954.1687569396&ga_sid=1687569396&ga_hid=1404333298&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532279%2C44759875%2C44759926%2C44759837%2C42532277%2C31075510%2C44788442%2C44794790&oid=2&pvsid=895961643216860&tmod=1216040508&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=APhg7wqaop&p=http%3A//zwickau-en.1notar.com&dtd=246 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
zwickau-en.1notar.com
195.245.112.76
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
206ff5b2d470a1eb10ee205c8aea55ce2485c649e009ab7d203c77783fdd3348
3b226b4ad705ae48ad2ce2412df35261ae208e9b21eff82c0c4a53d5b3cbe705
3efdc17b38de1e83e0de98e28e2b1633209c886a6bdcacc044bfbc5bc6f410fc
4c08119010e3fc43cc16eb4ba736d6fc04c5b09297d8296712488fff0b0e3336
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7348a8602822686a5cbc4866f7fa1e74a96914a42117df8358823930814aee90
7acc3dfb04a414d5595efb09aaafdbbc81638e0679cac8aa251ef1dcb8c80a3d
8fe82d55dcc1992250e1bdfc112311d1bfbab7522bd184338022551861cda1e1
9afe6f32bba4b47011409e722f5ae160aea255429f6e683e30ce677f1a878f0c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6962145df76a8476fc845e61a4bd4af2d1f1ee9dd28dff3e2a4734a051b1900
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e987a80abe8716e68f47b078ff6eca4337876e97d74233b736b797145b8c6fd7
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
f5756bfbfc2845ba759a5d74df36a2103c8bb798759cc3bda7efeaa0d2e28b03
ffa30efec53093f4b2d607eae762106dafd6cbd954be271a810a94608917848d

zwickau-en.1notar.com Open in urlscan Pro 195.245.112.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

86 %IPv6

5 Domains

7 Subdomains

7 IPs

2 Countries

226 kBTransfer

595 kBSize

4 Cookies

2 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

zwickau-en.1notar.com Open in urlscan Pro
195.245.112.76 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

226 kB
Transfer

595 kB
Size

4
Cookies

21 HTTP transactions
0 data transactions