urlscan.io logo urlscan.io
SecurityTrails logo

sample-file.bazadanni.com Open in urlscan Pro
104.21.75.186  Public Scan

Go To Rescan Add Verdict Report
URL: http://sample-file.bazadanni.com/
Submission: On September 20 via api from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 25 HTTP transactions. The main IP is 104.21.75.186, located in and belongs to CLOUDFLARENET, US. The main domain is sample-file.bazadanni.com.
This is the only time sample-file.bazadanni.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.21.75.186 13335 (CLOUDFLAR...)
8 172.217.18.98 15169 (GOOGLE)
1 172.217.16.148 15169 (GOOGLE)
2 142.250.181.238 15169 (GOOGLE)
4 172.217.16.130 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
2 142.250.181.225 15169 (GOOGLE)
1 142.250.185.100 15169 (GOOGLE)
1 173.194.213.120 15169 (GOOGLE)
25 12
2    104.21.75.186 (None, )

ASN13335 (CLOUDFLARENET, US)
sample-file.bazadanni.com
8    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.217.16.148 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f20.1e100.net
topsitecounter.appspot.com
2    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
adservice.google.de
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
adservice.google.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googletagservices.com
2    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
1    173.194.213.120 (United States)

ASN15169 (GOOGLE, US)
PTR: vr-in-f120.1e100.net
csi.gstatic.com
Domain Requested by
8 pagead2.googlesyndication.com sample-file.bazadanni.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com sample-file.bazadanni.com
www.google-analytics.com
2 sample-file.bazadanni.com sample-file.bazadanni.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 topsitecounter.appspot.com sample-file.bazadanni.com
25 12

This site contains links to these domains. Also see Links.

Domain
www.avtobiografia.com
Subject Issuer Validity Valid
*.appspot.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://sample-file.bazadanni.com/
Frame ID: 1699F07DD27E4BAD2C7E91B3EF85EFD8
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: F0A76D7D71206F37967373CB7352889E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=4787817907&adk=2520327634&adf=1126776838&pi=t.ma~as.4787817907&w=732&fwrn=4&fwrnh=100&lmt=1608365918&rafmt=1&psa=0&format=732x280&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1632108518848&bpp=4&bdt=179&idt=130&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=7717878071917&rume=1&frm=20&pv=2&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=434&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iNvI7v7lH9&p=http%3A//sample-file.bazadanni.com&dtd=141
Frame ID: 1347033FFF9369DFA168790DFA85DCF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=4787817907&adk=2520327634&adf=3789514372&pi=t.ma~as.4787817907&w=732&fwrn=4&fwrnh=100&lmt=1608365918&rafmt=1&psa=0&format=732x280&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1632108518860&bpp=1&bdt=191&idt=135&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=732x280&correlator=7717878071917&rume=1&frm=20&pv=1&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=434&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WduDOqjLDN&p=http%3A//sample-file.bazadanni.com&dtd=136
Frame ID: 0F941B8E3D1AE2FAAF3D283D83787B5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&adk=1812271804&adf=3025194257&lmt=1608365918&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632108518861&bpp=1&bdt=192&idt=137&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=732x280%2C732x280&nras=1&correlator=7717878071917&rume=1&frm=20&pv=1&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=141
Frame ID: 5BFD5D28737E343156E6027F0E720E92
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 74DBCE9F0BB0B3D98AE06D96D8AFD527
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 284ADC7FC707F94DC94774D41AD589E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sample file download

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

25
Requests

84 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

258 kB
Transfer

660 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sample-file.bazadanni.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sample-file.bazadanni.com/
Protocol
HTTP/1.1
Server
104.21.75.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8be6b138619d34aa5e4153afeaa60656feab9e00e79d294fb6d4ecdbd8a5116

Request headers

Host
sample-file.bazadanni.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 20 Sep 2021 03:28:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
VoHkensbArFw0BXXIGUQTxq37Hpccx2EFCnM+mIPZh6eG4ZEb0WFhcJ3k+PF4hIdDW6JTnpi1Ns=
x-amz-request-id
M3X88M7DPXNCN294
x-amz-meta-s3cmd-attrs
atime:1608365916/ctime:1608365916/gid:1000/gname:aquilax/md5:fb231b9e66e282506d667467a374a8ba/mode:33204/mtime:1608365916/uid:1000/uname:aquilax
last-modified
Sat, 19 Dec 2020 08:18:38 GMT
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPhuoo0urV8N1Qe%2BQW5N2wXvg4NGNTb9%2FJ7oHtBLj3U6eoUL3g8tKT3Hl1nEJQatVtVVQDe2UT00Wbzcn2zz0LEv%2B%2FFFZx4%2BKymkJjj%2BkQQ5aX5vnA73%2FWTtK18vj6CBa44vtUVOxSaXxvd4"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6917f700bfb1331c-CDG
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
sample-file.bazadanni.com/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sample-file.bazadanni.com/css/style.css
Requested by
Host: sample-file.bazadanni.com
URL: http://sample-file.bazadanni.com/
Protocol
HTTP/1.1
Server
104.21.75.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c07052a56f456a9c374f2702424020141fd891f9a460f80c348ed660d6533107

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
sample-file.bazadanni.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://sample-file.bazadanni.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 20 Sep 2021 03:28:38 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M3X34AZNDYVT0157
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
HzQs2gw/X4JMZlbxwUpldB8wK903kT98OtRFnIaQkJLdNH5wn61jxmzSNBiQYEV/A0ZY6vSPX2o=
last-modified
Wed, 18 Feb 2015 08:47:45 GMT
Server
cloudflare
x-amz-meta-s3cmd-attrs
uid:1001/gname:aquilax/uname:aquilax/gid:1001/mode:33204/mtime:1424249277/atime:1424249277/ctime:1424249277
etag
W/"0583adeed2e2072cc925f442abafb321"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LftYQrrAqEiUE6O%2F55UMSAnpK2BPb3cemeIBTim2Rqido0roI9tExnNZmqZeoTjEN8%2FVeE9a0An7KforeEP2hIBbd2OT8PgBDMtcvng7cF1lpG16JzD%2BsXGUfBTYp94A9buAsE0l%2BPCJrWCc"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6917f701d809331c-CDG
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sample-file.bazadanni.com
URL: http://sample-file.bazadanni.com/
Protocol
HTTP/1.1
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
57e1bfc1e8cb28805df3c27e0f037261c26d5b8a48696bb9e4a7f2ebdb35dfb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 20 Sep 2021 03:28:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
2111894597576713948
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
49004
X-XSS-Protection
0
Expires
Mon, 20 Sep 2021 03:28:38 GMT
t
topsitecounter.appspot.com/ 		33 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://topsitecounter.appspot.com/t
Requested by
Host: sample-file.bazadanni.com
URL: http://sample-file.bazadanni.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
bf7c178697d05163c48c177f5c58e49f7f08dfc6e618ddba632a45822ab5c051

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:28:38 GMT
server
Google Frontend
etag
"IYN8NA"
content-type
image/gif
x-cloud-trace-context
e369c7c4ab8e2161715ca13f48f99eb6;o=1
cache-control
public, max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 03:38:38 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sample-file.bazadanni.com
URL: http://sample-file.bazadanni.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2501
date
Mon, 20 Sep 2021 02:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 20 Sep 2021 04:46:57 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
0e932077700b08707120f8b3243472af89cb67c44f3cd2e9b073be8f3939dd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95713
x-xss-protection
0
server
cafe
etag
14022606753207139456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Sep 2021 03:28:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame F0A7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sample-file.bazadanni.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 19 Sep 2021 12:31:14 GMT
expires
Sun, 03 Oct 2021 12:31:14 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
53844
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1055033577&t=pageview&_s=1&dl=http%3A%2F%2Fsample-file.bazadanni.com%2F&ul=en-us&de=UTF-8&dt=Sample%20file%20download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=999672044&gjid=1102565769&cid=827300924.1632108519&tid=UA-115818-64&_gid=2063600728.1632108519&_r=1&_slc=1&z=679389751
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sample-file.bazadanni.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 03:28:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sample-file.bazadanni.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/rum_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
2d26dbf8c010f3010b6a8c4b79272407255ca46314fcb925698aed2c12997f4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 16:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20621
x-xss-protection
0
server
cafe
etag
57176298204652934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Oct 2021 16:26:14 GMT
cookie.js
partner.googleadservices.com/gampad/ 		203 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sample-file.bazadanni.com&callback=_gfp_s_&client=ca-pub-5312778245695320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7e094e1e03d031281f832f6e28ddfdc695222f4534f8812cd1c5df79dce07a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sample-file.bazadanni.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 03:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sample-file.bazadanni.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 03:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1347 		430 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=4787817907&adk=2520327634&adf=1126776838&pi=t.ma~as.4787817907&w=732&fwrn=4&fwrnh=100&lmt=1608365918&rafmt=1&psa=0&format=732x280&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1632108518848&bpp=4&bdt=179&idt=130&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=7717878071917&rume=1&frm=20&pv=2&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=434&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iNvI7v7lH9&p=http%3A//sample-file.bazadanni.com&dtd=141
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
2f867731114a385cff87b9c99ef62e9ab3e76bd0b7ad5b57d51c55cc9c66e65a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=4787817907&adk=2520327634&adf=1126776838&pi=t.ma~as.4787817907&w=732&fwrn=4&fwrnh=100&lmt=1608365918&rafmt=1&psa=0&format=732x280&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1632108518848&bpp=4&bdt=179&idt=130&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=7717878071917&rume=1&frm=20&pv=2&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=434&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=iNvI7v7lH9&p=http%3A//sample-file.bazadanni.com&dtd=141
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sample-file.bazadanni.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 20 Sep 2021 03:28:39 GMT
server
cafe
content-length
207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 03:43:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 03:28:39 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1631879122047051"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 20 Sep 2021 03:28:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0F94 		430 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=4787817907&adk=2520327634&adf=3789514372&pi=t.ma~as.4787817907&w=732&fwrn=4&fwrnh=100&lmt=1608365918&rafmt=1&psa=0&format=732x280&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1632108518860&bpp=1&bdt=191&idt=135&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=732x280&correlator=7717878071917&rume=1&frm=20&pv=1&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=434&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WduDOqjLDN&p=http%3A//sample-file.bazadanni.com&dtd=136
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
103b2e1277dc8f3ec5fa0bac0d84c951f167ae0c7aabbb56e853e4d45e883aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=4787817907&adk=2520327634&adf=3789514372&pi=t.ma~as.4787817907&w=732&fwrn=4&fwrnh=100&lmt=1608365918&rafmt=1&psa=0&format=732x280&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1632108518860&bpp=1&bdt=191&idt=135&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=732x280&correlator=7717878071917&rume=1&frm=20&pv=1&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=434&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=WduDOqjLDN&p=http%3A//sample-file.bazadanni.com&dtd=136
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sample-file.bazadanni.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 20 Sep 2021 03:28:39 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 03:43:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 03:28:39 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 5BFD 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&adk=1812271804&adf=3025194257&lmt=1608365918&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632108518861&bpp=1&bdt=192&idt=137&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=732x280%2C732x280&nras=1&correlator=7717878071917&rume=1&frm=20&pv=1&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=141
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5312778245695320&output=html&adk=1812271804&adf=3025194257&lmt=1608365918&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsample-file.bazadanni.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632108518861&bpp=1&bdt=192&idt=137&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=732x280%2C732x280&nras=1&correlator=7717878071917&rume=1&frm=20&pv=1&ga_vid=827300924.1632108519&ga_sid=1632108519&ga_hid=1055033577&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750678%2C31062369%2C31061691%2C31061693&oid=3&pvsid=3792549289885641&pem=377&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=141
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sample-file.bazadanni.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 20 Sep 2021 03:28:39 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 20-Sep-2021 03:43:39 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 20 Sep 2021 03:28:39 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
1d0feb10f7ab9a3a02eabaaf4f09d0c9d74ab86d2aed6ce53d3ebafaebd10765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 20 Sep 2021 03:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8561
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5312778245695320&plah=sample-file.bazadanni.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 20 Sep 2021 03:28:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 74DB 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sample-file.bazadanni.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 19 Sep 2021 17:49:19 GMT
expires
Mon, 19 Sep 2022 17:49:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
34760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 284A 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
99863082739f251f20c5e2fd7983c7c853a9682fffc7682cf3af8d0ccaedfd31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b+rhjE0t93LJHW/Olsqk5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://sample-file.bazadanni.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 20 Sep 2021 03:28:39 GMT
date
Mon, 20 Sep 2021 03:28:39 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-b+rhjE0t93LJHW/Olsqk5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
pagead2.googlesyndication.com/bg/ Frame 74DB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
57142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13319
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 19 Sep 2022 11:36:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 284A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=3792549289885641&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=3792549289885641&bg=!zc6lzorNAAaUnz4elJ87ACkAdvg8WilqHdSeqvLghTLLA460doN32uMcp5Y7oZy6l_TiVmF5dattngIAAABkUgAAAAtoAQeZAnpSTCgGD-w0KUc_0ipYR7aTgpQY28WNFz0UAdAUZf263Q_W-J639AnUu0EKffW3xIrgLjoSvM4PjsZ8CSa5BA86yJVOWIj_K4_0XDzxqW4BkfjpqrzldI3x7DrBgcmO1geTeHiie7Y4QhpmJ36sLvuvQCUHZQf3486NNZNGZdIEROMJf7bxTue8lm3XMxw8aKNvOSfWIqAGopQjMTeDBDQiGnv6zF3rUnyf-ULtoIVCpvgg7TCbCOMpJDB83q-osL4P_YGhEV4pxuz_bFkK5UCB1bFNM03NhzdG1ZqrrjloaYcttVCC5xK_fLehgEh-hcN552VqiAp02z6tueOcidjqguPv_b_8r309E7h9gUWCYnK1zZf3wMRCEDnl6PMdSN5vMHdQJRBlGXB_ieAeTl24IyI8bKVzpJwg8NQliJPE-dNZ6D2-Hnb_QsMFaleg3SwKP0dxQ-UER5Gj3CG0kCItcJ6qg0osB14QM0zrG5XRNOMqxF2Y8eDIdNlZAStOjMcj8HgwQZ9R0_5x5Gc__pHExUWZNSOQ4uWh4DHHVZzhxBcTXpmowKA5YSgDH_pEWAfWTvtBU7UcNHoTy6U8T_D_BywAnOGB8CbTuNORnDgTEBcC8mHEULdwkxoan6zh7LHxIJsZx_Iipj996GUr0tM4UstY4Aj0rR1mdse_EPvBaOMFCjKMxAUjDMxnW6sUh4xFTY_i5vk3BfHDTu5MCqi5IP6rFTf54Km9SyTfKzjNvGbo2cNwVdmGENpEDuAMfm5MLYBB36s3lTzJp93Vruv_nOK5DfI7udHB3NBfdZjLZBfM9NTuFw53RR1JODu878mPOFa08pY7xsI7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5312778245695320&su=sample-file.bazadanni.com&doc=complete&pg_h=1599&pg_w=1600&pg_hs=1599&c=1&aa_c=0&av_h=280&av_w=732&av_a=204960&b=1164.453&all_b=1164.453&d=0.175&all_d=0.175&ard=0.080&all_ard=0.080&dt=d
Protocol
HTTP/1.1
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://sample-file.bazadanni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Sep 2021 03:28:40 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~kts39t25&c=3792549289885641&e=44750678%2C31062369%2C31061691%2C31061693&ctx=1&met.3=779.aq~247.av~248.aw~164.aw_1~165.at_4~166.ag_q~247.b6~248.b6~164.b6~165.b5_1~164.b7~165.b7_1~779.bb~166.b9_2~326.eg_1~216.ef_3~215.ef_3~843.ee_3~161.ei~868.ej~889.en~639.ev~160.ev~914.ev~326.ew~216.ew~215.ew~161.ew~868.ew~889.ex~639.ez~160.ez~914.ez~189.ez~326.ez~216.ez~215.ez~161.ez~868.f0~889.f3~639.f4~160.f4~914.f4~189.f5~112.f6_1~189.fb~629.gz_1~168.hr~168.hr_1~168.hr_1~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.hs~168.ht~168.ht~168.ht~168.ht~168.ht~168.ht~168.ht~168.ht~168.hu~168.hu~168.hu~168.hu~168.hu~168.hu~168.hu~168.hu_1~168.hu_1~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~168.hv~298.j3~298.j3~298.j6~155.in_k~154.ja~113.jb_2~143.lz_2~153.m2~143.os_2~129.q5~132.rc~143.rm_1~143.uf_1~143.x8_1~143.102_1~143.12v_1~143.15o_1~143.18i_1~143.1bb_1&met.7=CBsQCMAB4MiM-gw~CBsQByDjATh_wAGpv_XVAQ~CAEQChgBIOMBKOMBMNMCOHBA5AFIjgJQjgJYmgJomgJwuAJ4mIEDgAHs_gKIAZHTCLABAbgBA8AB9uaergc~CBsQBiDkATjSAcAB8a6TlgU~CAMQChgBIIYDKIYDMPUDOHBQhgNYqQNgkwNoqQNwzQN4je4FgAHh6wWIAcfmD7ABAbgBA8AB6a2z6AY~CAwQBRgBIJEDKJEDMMMDODJAkgNIkgNQkgNYtQNgnwNotQNwwgN4myaAAe8jiAHbT7ABAbgBA8ABoeXy2wY~CBsQCiCRAzhkwAGl7sKoCA~CBsQDSCDBDgfwAGAkfKHCA~CBwQChgBIIkEKIkEMJoEOBBoigRwlwR4uaMBgAGNoQGIAeafA7ABAbgBA8ABsIz1gA0~CAUQBRgBIKAEKKAEMMEEOCFQoQRYqgRgoQRoqgRwwQR4rAKwAQG4AQPAAZDHsvAI~CC8QBxgBII4EKI4EMNAEOENAjgRIjgRQjgRYuARgngRouARw0AR4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQChgBII0EKI0EMOEEOFVAjQRIjQRQjQRYwwRgowRowwRw4QR47QOAAcEBiAHLAbABAbgBA8AB5Krg8AI~CAUQBRgBIJUEKJUEMO4EOFpolgRw7gR4-wOAAc8BiAGuA7ABAbgBA8ABkMey8Ag~CAUQBRgBIJoEKJoEMPMEOFlonARw8gR4-QOAAc0BiAGuA7ABAbgBA8ABkMey8Ag~CC8QBxgBII0EKI0EMJQFOIcBQI4ESNgEUNgEWPoEYOQEaPsEcJQFeJADgAFkiAFrsAEBuAEDwAHttbKwCg~CCoQChgBIJcEKJcEMJsFOIUBwAGm-4CTBw~CBsQCDi2BcAB4MiM-gw~CCcQDRgBILUFKLUFMOgFODNQtgVYzQVgtgVozQVw5gV4nUWAAfFCiAH5V7ABAbgBA8AB8_LLrgs~CCcQChgBIOkFKOkFMNgGOG_AAeLBm9oF~CCcQBRgBIN8GKN8GMJcHODnAAdT_u6UH~CBsQBRgBIOAGKOAGMLQHOFTAAc_G2uIB~CBwQBhgBILQIKLQIMNMIOCDAAaHZ1rIJ~CBwQBhgBIJ8NKJ8NMLUNOBdonw1wtQ14rAKwAQG4AQPAAePE3vwL&met.1=1.kts39smz~6.0~7.1~8.t~9.t~10.19~12.19~13.5r~14.5s~15.5u~16.b6~17.b6~18.b7~19.j8~20.j8~21.ja~22.an~23.an
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/rum_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.213.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vr-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sample-file.bazadanni.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 03:28:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_rum_config object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| _google_rum_ns_ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.bazadanni.com/ Name: _ga
Value: GA1.2.827300924.1632108519
.bazadanni.com/ Name: _gid
Value: GA1.2.2063600728.1632108519
.bazadanni.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bazadanni.com/ Name: __gads
Value: ID=101ea80ade39f5b9-2273d7dc3dc900ee:T=1632108519:RT=1632108519:S=ALNI_MYWysaxsaWWxCYhb3Rmfh4sFJUEFw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
csi.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
sample-file.bazadanni.com
topsitecounter.appspot.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.21.75.186
142.250.181.225
142.250.181.226
142.250.181.238
142.250.185.100
142.250.186.98
172.217.16.130
172.217.16.148
172.217.18.98
172.217.23.98
173.194.213.120
216.58.212.162
0e932077700b08707120f8b3243472af89cb67c44f3cd2e9b073be8f3939dd69
103b2e1277dc8f3ec5fa0bac0d84c951f167ae0c7aabbb56e853e4d45e883aa3
1d0feb10f7ab9a3a02eabaaf4f09d0c9d74ab86d2aed6ce53d3ebafaebd10765
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
2d26dbf8c010f3010b6a8c4b79272407255ca46314fcb925698aed2c12997f4b
2f867731114a385cff87b9c99ef62e9ab3e76bd0b7ad5b57d51c55cc9c66e65a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
57e1bfc1e8cb28805df3c27e0f037261c26d5b8a48696bb9e4a7f2ebdb35dfb1
7e094e1e03d031281f832f6e28ddfdc695222f4534f8812cd1c5df79dce07a06
99863082739f251f20c5e2fd7983c7c853a9682fffc7682cf3af8d0ccaedfd31
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8be6b138619d34aa5e4153afeaa60656feab9e00e79d294fb6d4ecdbd8a5116
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bf7c178697d05163c48c177f5c58e49f7f08dfc6e618ddba632a45822ab5c051
c07052a56f456a9c374f2702424020141fd891f9a460f80c348ed660d6533107
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62