www.indexwar.com Open in urlscan Pro
2a00:1450:4001:830::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.indexwar.com/
Submission: On September 19 via api (September 19th 2023, 6:43:22 pm UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 15 domains to perform 134 HTTP transactions. The main IP is 2a00:1450:4001:830::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.indexwar.com.
TLS certificate: Issued by GTS CA 1D4 on September 18th 2023. Valid for: 3 months.

This is the only time www.indexwar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:830::2013	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:91f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
4 20	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2009	15169 (GOOGLE) (GOOGLE)
1	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:401... 2a00:1450:4013:c01::78	15169 (GOOGLE) (GOOGLE)
2	74.125.133.156 74.125.133.156	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400e:14::9	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
134	25

3 2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.indexwar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:91f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

anubiswb.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4013:c01::78 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:14::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hne6nzk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169 ade.googlesyndication.com — Cisco Umbrella Rank: 333	735 KB
23	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 bid.g.doubleclick.net — Cisco Umbrella Rank: 1063 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433	224 KB
19	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com	153 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 imasdk.googleapis.com — Cisco Umbrella Rank: 657	267 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	607 B
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1461 r4---sn-5hne6nzk.c.2mdn.net — Cisco Umbrella Rank: 297764	1 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 11	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	227 KB
3	indexwar.com www.indexwar.com	69 KB
2	blogger.com www.blogger.com — Cisco Umbrella Rank: 8923	60 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 8396 s4.histats.com — Cisco Umbrella Rank: 8413	5 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 6754	7 KB
1	github.io anubiswb.github.io	17 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10565	12 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	8 KB
134	15

	Domain	Requested by
32	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
23	pagead2.googlesyndication.com	www.indexwar.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
20	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	csi.gstatic.com	imasdk.googleapis.com
8	www.googleadservices.com
8	fonts.gstatic.com	www.indexwar.com fonts.googleapis.com
5	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	r4---sn-5hne6nzk.c.2mdn.net	googleads.g.doubleclick.net
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.indexwar.com	www.indexwar.com
2	gcdn.2mdn.net	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.blogger.com	www.indexwar.com
1	googleads4.g.doubleclick.net
1	ade.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	i.imgur.com	www.indexwar.com
1	anubiswb.github.io	www.indexwar.com
1	s10.histats.com	www.indexwar.com
1	blogger.googleusercontent.com	www.indexwar.com
1	cdn.ampproject.org	www.indexwar.com
134	25

This site contains links to these domains. Also see Links.

Domain
www.anubis-web.com
www.blogger.com

Subject Issuer	Validity	Valid
www.indexwar.com GTS CA 1D4	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-09-12` - `2023-11-21`	2 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.indexwar.com/
Frame ID: 0687B3CB9DC2279925436FAC11C47D64
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Frame ID: CB1F9A4E7FBB0298314915DC26BA1BAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&adk=1812271804&adf=3025194257&lmt=1695140122&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.indexwar.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148995307&bpp=3&bdt=140&idt=180&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6582339408176&frm=20&pv=2&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=209
Frame ID: 0C6317389EB263BB02B633BA203052D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9
Frame ID: 3D60EDCC77DC0F4E0DDF9F5984BA2C84
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=3088186576&adf=2824717477&pi=t.aa~a.2849718724~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1200x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=1&bdt=967&idt=1&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0%2C1100x280&nras=3&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=w0we8HL3ny&p=https%3A//www.indexwar.com&dtd=17
Frame ID: E1387C9BA741B652CFE7239E9C5866E0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Frame ID: 569B2B9651AEB876AB63FC7FBE02F9D8
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Frame ID: D337D464E8142120D4EAF45034658186
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Frame ID: F70F437AFD07A75837511AECDB3869E4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Frame ID: CDC21E3197A77F5E7E42CB11CCC1F690
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A1A63B8B3DF6D866FAF1EABE6A39112E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5FBA1BC4B34BA432CEAD5CB4C0DAF712
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 872E88E5E6870D79219871FE15EFAFB1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1F50A0DD79674998CE4719B0B95726D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js
Frame ID: 2540F2399DE61D88D1E13D489AA25E74
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js
Frame ID: 5BAC754B5A42F906682E04D7B5251C7C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js
Frame ID: E14A9AB991B5E95DA6922FE91F2D31EB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 50C181FC66A291CA1ACC72D21E7CFFC5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 73B490E54A3E25AB7B84A20B59B4C160
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js
Frame ID: 989205364337E698AC7C6180ABF82149
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js
Frame ID: 3A15461A1946E4293BA2230CD86C435B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Soccer Online

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

134
Requests

96 %
HTTPS

76 %
IPv6

15
Domains

25
Subdomains

25
IPs

5
Countries

1786 kB
Transfer

9088 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.anubis-web.com/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

https://googleads.g.doubleclick.net/pagead/adview?ai=CtpIcw-sJZeH5IfOS78EP7OSCUNrGxYFzkd62xvURr-rk8cgBEAEgtISWnAFgleKQgqAHoAGd_amNA8gBAqkCnCik7FHwsT6oAwHIA8kEqgThAU_QFgZhTt7aprOBY13F0FDMzRznvHY85aGpWOcIGNQV1XuRey9m4NqmGo_YsJcezmLcNCOfDXDS4iLKjarZvuT5WcRrrYrjvo53iSsMhz9X2s9KOxKgBk2Qp0ojp7B-iuqqrP6YUZn5xJgHJfA9dQQjEN0gikAkRPmEq2ZnD2_FPtX6WybpqIKMywLV1B0HceTzjsMbGiXLIoAehl3qF39UY1gPlug_iJiZB0WxWnbB93EtEVu49ffXPfKzKzi-w_kz4-S4h6eU8cO7XxjFVjIJi295-JZAveqeOzUWfv9bNMAEgKzskb4EiAXJhrPHTKAGAoAHy4LWcqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPTHAtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCTVodHRwczovL3F1YXJ6c2FuZC1zaG9wLmRlL2MvYmF1LWdhcnRlbi1hbmQtbGFuZHNjaGFmdIAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0zODQ0MjgyODU0MzIzNzY5GAA&sigh=xF1QoR1AXFA&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215088949596469484154%22,%22debug_reporting%22:true,%22destination%22:%22https://quarzsand-shop.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22833257117%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211815289407471904529%22}&andc=true

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=Cg-xkw-sJZeL5IfOS78EP7OSCUNi7yIFzqqm8upISr-rk8cgBEAEgtISWnAFgleKQgqAHoAGd_amNA8gBAqkCnCik7FHwsT6oAwHIA8kEqgThAU_Q_Kk8BaqOMPf88CM8IDCgxa7KpOsLhGLi68CwHml_2OseyC8cx8u7kxnRFZxwh59esuJ3rOHkM-YHssBzsdqZsrGsW6A3zeaRSZpo0IPUNDaanEtHkZDyYP5Tg1VQmaJVMDzqE-pNMxPXS3BOEFX_iVOJmV15WgL10mILqfsrbAiKy4eSxlPXgSIgYUxYgwa_3PXgsaEetsJoPbJOBlBVzJ9iTt0E7EaUuFVgv1geYfyZmQRZ_yFN1DCLIm0taK2_AjjLiajIcQK45sjj16CWPHNN9dpUfTJe6WDXU9-OXsAEx_bBs70EiAWG0LPHTKAGAoAHy4LWcqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEODNA9IIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCTVodHRwczovL3F1YXJ6c2FuZC1zaG9wLmRlL2MvYmF1LWdhcnRlbi1hbmQtbGFuZHNjaGFmdIAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0zODQ0MjgyODU0MzIzNzY5GAA&sigh=GRwuBrA-WcY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229149888621812569678%22,%22debug_reporting%22:true,%22destination%22:%22https://quarzsand-shop.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22833257117%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214916439724730842241%22}&andc=true

Request Chain 105

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/088635F7F1B1CE528A6CA9AEFBE9A381595DA9CC.68750F480B97F223D148FD7A2B9991DA5CD96B28/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20028DCF549C6C934A9FBB4DB355F77B0DD4C687.06BCB034DE752D1A2DC7675CA38D97586ADE11B3/key/cms1/cms_redirect/yes/mh/qX/mip/2001:ac8:20:3d00:1012:9b8c:ca2:57cc/mm/42/mn/sn-5hne6nzk/ms/onc/mt/1695148634/mv/m/mvi/4/pl/50/file/file.mp4

Request Chain 109

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A6CC0838B088A9BD302EF6C5EBB3085631610A72.1038253C83EDA6162B503532624764F50505FD8F/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/253A58A95E14C17266ECA6DB5C32E9CC308C3B42.05C2421AAD9775EA7AFE563A8D3C484BBCDDF524/key/cms1/cms_redirect/yes/mh/qX/mip/2001:ac8:20:3d00:1012:9b8c:ca2:57cc/mm/42/mn/sn-5hne6nzk/ms/onc/mt/1695148634/mv/m/mvi/4/pl/50/file/file.mp4

Request Chain 115

https://googleads.g.doubleclick.net/pagead/adview?ai=CJF2sxOsJZbSxDf2878EPtIaD2ArExs-Ec7TthfOBEpPZldSqCRABILSElpwBYJXikIKgB6ABoZXy7QLIAQmpApwopOxR8LE-qAMByAPLBKoE0gFP0E73wWMiyBDpFXcJOAd4HEFvnUr6pVr3qVXVThuS57NQwfve1xCXXC7WhBCslU2aIWfSuRgjZ_hPWvkM5lDpZ3fl1-DgAt9sk0XkSQmUfxmxy14u9UMJbhZI05sjFNpBXJ0v7d9DJeTDGT8P-IBPxmrUiY9UUdDk74RLRqcwcjz9x_19EMW-qcKoGQufOXrH4b7oV11nWcM7DrcPDVQRTQQSo_d1TuUYguLy4d97E1xr56o6bswSSiEhfazXo2d7aoA2OrIzxOAXxcgNrsz1LYPABLX0vJu8BIgFr9KNzEySBQQIBBgBkgUECAUYBKAGLoAHx-qNkgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCPrQHSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mgk9aHR0cHM6Ly9xdWl6LmJldHRlcm1lLndvcmxkL2FyL2ZpcnN0LXBhZ2UtZ2VuZXJhdGVkP2Zsb3c9MTc4OIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODQ0MjgyODU0MzIzNzY5GAA&sigh=WiLY0Eo189c&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWtCOVI8o4Qp-ab-YRpiC7jP1T_cEOr1bJz-BXh_qB8NCMMorvb-2ReXl2LD1lo6He1ihyCgWHGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22803662403432503726%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22767330977%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214257661321135998881%22}&andc=true

Request Chain 120

https://googleads.g.doubleclick.net/pagead/adview?ai=CVxDFxOsJZc71DMu478EP1Zq4qA6h-Yf8ctzDlpbJEcqjkviZDhABILSElpwBYJXikIKgB6AB_8uYwinIAQmoAwHIA8sEqgTWAU_QUUzLtXELAsJ1LUom-qXCH832K1xxY9E-Pw5oMByq9i3Lfm4QUTJClfFsCgkhkQ9h2dO2LM_-Fh7NTwA7yTjpHNi9no2_2pc6EDwLH9FlkhKsuCFUOROl5s8nmSr-3I5-wXB1EyiAsNOvYKo08shgmp3pQPCIgmQwr1IIUUvVVNp08_3xXMn5By3W7ihxOqCSnLI4S_KLI3EjmMjHN2HXtaElACHxvdK0NPETEgYFoPC9M_7fM1snBJ-mCwFYSRo2NOe6E6KqVprlrQPhOwGtevZ2uZrABJCpvqjGBIgFuuefmUuSBQQIBBgBkgUECAUYBKAGLoAH_4PpoQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDvvgzSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mgm5AWh0dHBzOi8vd3d3LmhlbHB3aXJlLmNvbS9hcnRpY2xlcy9zdGFydGluZy1hLWJ1c2luZXNzP3E9VGlja2V0cytNYW5hZ2VtZW50K1N5c3RlbSZzcmM9bWcmZ2NoPVQwMDAwMzc1JnZpc2l0b3JfaWQ9JTdCZ2NsaWQlN0RfX19fJTdCcGxhY2VtZW50JTdEJmxpbmtfa2V5PTU0YThiZDM0Mjg4MGFmODE0NWE2NjIwYzA0NjJjYWZjgAoByAsBogwMKgoKCOS0sQLutbEC2BMMiBQB0BUBgBcBshccChoIABIUcHViLTM4NDQyODI4NTQzMjM3NjkYAA&sigh=aZ7ntY4E_f8&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW1gLmZ6dT9h42ARUfY6El0oU99C6Aon2xvBglSqWQpeFoJ99ZKEntPI0gTN3y7E3rattu_8TnGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22309466782075637696%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%2211144668671%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211178175421136847329%22}&andc=true

134 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.indexwar.com/ 530 KB
65 KB 226ms
157ms Document
text/html 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc9433048d7c5a788369ffeb59e15c25f5f5101d29300b3726222ac609e94236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 66603
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 18:43:15 GMT
etag: W/"85ae212b0761601012b3257bf1af573daf7cdafd83734e0f0e18f788972cb8c5"
expires: Tue, 19 Sep 2023 18:43:15 GMT
last-modified: Tue, 19 Sep 2023 18:15:22 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 89ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3844282854323769

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfea1fbc237b6a04685492aef7707e8ce71dc4863fca1cc1a8e355006e52576b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Origin: https://www.indexwar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50812
x-xss-protection: 0
server: cafe
etag: 14709704032759106657
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:43:15 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdbc437ae4f9682ddb3016e0f10d720fe02ed6f35c5944aae743d71004e7ce1b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7564
x-xss-protection: 0
server: sffe
etag: "bc84cdb3c4f97b0b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 18:43:15 GMT

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v3/ 8 KB
9 KB 39ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Origin: https://www.indexwar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:06:51 GMT
x-content-type-options: nosniff
age: 344184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8488
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:31:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2024 19:06:51 GMT

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v3/ 10 KB
10 KB 45ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Origin: https://www.indexwar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 07:36:04 GMT
x-content-type-options: nosniff
age: 385631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9864
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2024 07:36:04 GMT

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v3/ 8 KB
8 KB 42ms
11ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Origin: https://www.indexwar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 07:41:16 GMT
x-content-type-options: nosniff
age: 298919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8600
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:34:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 07:41:16 GMT

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v3/ 10 KB
10 KB 41ms
10ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Origin: https://www.indexwar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 21:40:39 GMT
x-content-type-options: nosniff
age: 248556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9988
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:34:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 21:40:39 GMT

GET
H2 200 AVvXsEgTbAbymE0Wn0aV9scLVFMj83PEbi27Y2X2F1S6zf686bF1Qd34xdASSVuP1rDXnF1quh4C6SJbfqbz9yKD79ZuqnivX0pYGDIER5lP_yREs8stvbjzytwDoOX5C3GLeaFYVy8hUJFE61lRrtXBDofgBkbnyf9bMC0PDPran1rx6iAJyAEg6syC_FU4xXg=w300
blogger.googleusercontent.com/img/a/ 12 KB
12 KB 311ms
283ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgTbAbymE0Wn0aV9scLVFMj83PEbi27Y2X2F1S6zf686bF1Qd34xdASSVuP1rDXnF1quh4C6SJbfqbz9yKD79ZuqnivX0pYGDIER5lP_yREs8stvbjzytwDoOX5C3GLeaFYVy8hUJFE61lRrtXBDofgBkbnyf9bMC0PDPran1rx6iAJyAEg6syC_FU4xXg=w300

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

21c4889cde15d42a384ad014b91e386510b72620fec99567398a7cde76e4171e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="inwr.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12108
x-xss-protection: 0
expires: Wed, 20 Sep 2023 18:43:15 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 59ms
25ms Script
text/javascript 2606:4700:10::6814:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.indexwar.com
URL: https://www.indexwar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:91f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 9798
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8093f92478109bca-FRA
content-length: 4547

GET
H2 200 moment.js Show response
anubiswb.github.io/Source_Code/Java_Script/JS_Temp/ 50 KB
17 KB 40ms
10ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anubiswb.github.io/Source_Code/Java_Script/JS_Temp/moment.js

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

4cc5b53db1be65ea34adad0c15ef0540f4beac5fdff01e36194b6d551abcea98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-fastly-request-id: 52806f4a7daf6c9b9f69b0ce864998fe48cf270e
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Tue, 19 Sep 2023 18:43:15 GMT
age: 524
x-cache: HIT
x-cache-hits: 1
x-proxy-cache: MISS
content-length: 16947
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Sun, 16 Oct 2022 19:44:37 GMT
server: GitHub.com
x-github-request-id: 51E0:B0C1:4D86C2:4F9A5C:64EEA864
x-timer: S1695148995.272024,VS0,VE2
etag: W/"634c5f25-c9e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Wed, 30 Aug 2023 02:34:36 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97b47c58e662804749691df086e253e424ffe0b8e6f9a976ff26fe58a29aba8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24aa8a34d64838da936d5c81b1d186cda54646c291f8e89af108123738fc6e7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 87ms
71ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3844282854323769&plah=www.indexwar.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3844282854323769

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d8a50212ee10bed6f7b0c953cddd312ba89a0b8138f34b144b218f7af26ef1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131562
x-xss-protection: 0
server: cafe
etag: 18075407270379837124
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:43:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame CB1F 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3844282854323769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 20:44:00 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 20:44:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.indexwar.com/feeds/posts/default/ 2 KB
1006 B 145ms
145ms Fetch
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indexwar.com/feeds/posts/default/?max-results=0&alt=json

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

01736a4b70c168ca88d4cf59b9d65ef59015e8d5cafd269a9328349b36aeda85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Sep 2023 18:15:22 GMT
server: blogger-renderd
etag: W/"8f9d8078cf8e6143c238fab0214e9612fb96e556cf45606719ce12c4b1e8ae22"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 766
x-xss-protection: 0
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H2 200 7902837520139008934 Show response
www.blogger.com/feeds/1068937706229710159/posts/default/ 6 KB
3 KB 185ms
162ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/feeds/1068937706229710159/posts/default/7902837520139008934?alt=json&callback=AN_896885296036

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

249e9afc1574b1791e14365c176737bd8425771f1740f36cdafe2441d4fea7c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Tue, 19 Sep 2023 18:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2128
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Sep 2023 20:06:03 GMT
server: GSE
vary: Accept, X-GData-Authorization, GData-Version
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
gdata-version: 1.0
cache-control: private, max-age=0, must-revalidate, no-transform
expires: Tue, 19 Sep 2023 18:43:15 GMT

GET
H2 200 cookienotice.js Show response
www.indexwar.com/js/ 6 KB
2 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indexwar.com/js/cookienotice.js

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Sep 2023 15:56:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 26 Sep 2023 18:43:15 GMT

GET
H2 200 1465578468-widgets.js Show response
www.blogger.com/static/v1/widgets/ 157 KB
57 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1465578468-widgets.js

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d49c1e3a643794375db57ab0f237a97a189577f3e822d8512ed383f95941dde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 16:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57929
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 13:53:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 17 Sep 2024 16:17:59 GMT

GET
H2 200 cOiPtdU_d.webp
i.imgur.com/ 7 KB
7 KB 38ms
7ms Image
image/webp 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/cOiPtdU_d.webp

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a584b88211de5abf3764f81397ffd690edc8716f6c1a26863f71f115a51e3d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:15 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 4188165
x-cache: HIT, HIT
content-length: 6708
x-served-by: cache-iad-kcgs7200168-IAD, cache-fra-eddf8230131-FRA
last-modified: Wed, 02 Aug 2023 07:20:30 GMT
server: cat factory 1.0
x-timer: S1695148995.374337,VS0,VE0
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3350, 13

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 662ms
468ms Script
text/html 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4804379&@f16&@g1&@h1&@i1&@j1695148995347&@k0&@l1&@mSoccer%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:125571918&@b3:1695148995&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww.indexwar.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: 07abf627ee6df7ab157a81b61237eae98472114b12d4c0bfe44d78a0d1dc82ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 18:43:15 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
607 B 47ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.indexwar.com&callback=_gfp_s_&client=ca-pub-3844282854323769

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3844282854323769&plah=www.indexwar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff98236780a82e68fa31df898ab49ae16b7e290c8b50ae817d800ec18d53970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C63 454 KB
88 KB 464ms
463ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&adk=1812271804&adf=3025194257&lmt=1695140122&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.indexwar.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148995307&bpp=3&bdt=140&idt=180&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6582339408176&frm=20&pv=2&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdca760a7bca01496feb63a9326c8bd0206407abc8f55b37751d30f27270910f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 89957
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:43:15 GMT
expires: Tue, 19 Sep 2023 18:43:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 108ms
107ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.indexwar.com
URL: https://www.indexwar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
55ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230918&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8f94c095e4a64e576d0bed9feeb45b04754b7b781109337ac29cfb8e1d23852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12100
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 154 KB
52 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b344321f919f232b7f8aeed4728254cd270e4ec2a7922eaca781cab2aace96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53717
x-xss-protection: 0
server: cafe
etag: 13107200034469532485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D60 118 KB
40 KB 498ms
497ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

083209587ddf4c5179ab497a4bce5fa7d786568caf6f6ab2d73a3754ce6cd721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40778
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:43:16 GMT
expires: Tue, 19 Sep 2023 18:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E138 115 KB
39 KB 414ms
413ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=3088186576&adf=2824717477&pi=t.aa~a.2849718724~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1200x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=1&bdt=967&idt=1&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0%2C1100x280&nras=3&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=w0we8HL3ny&p=https%3A//www.indexwar.com&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83764d32f03a6d8175167f4a6bbc7e77aafdacb9b4d4bd7f162d45ecb3b9b946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39844
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:43:16 GMT
expires: Tue, 19 Sep 2023 18:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/ Frame 569B 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 21:02:07 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 21:02:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/ Frame D337 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 21:02:07 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 21:02:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/ Frame F70F 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 21:02:07 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 21:02:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/ Frame CDC2 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 21:02:07 GMT
etag: 8554266389219770021
expires: Mon, 02 Oct 2023 21:02:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 569B 4 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 16:45:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame 569B 15 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:08:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 01:08:40 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame 569B 20 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 20:01:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame D337 23 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1A6 143 B
166 B 10ms
9ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame D337 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:26:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame D337 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H2 200 11725928374981436370
tpc.googlesyndication.com/daca_images/simgad/ Frame D337 51 KB
51 KB 10ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11725928374981436370

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926a75e883b285b483ef3dfab6ef95fac7c805a2dc9b4bbc2cb713fac55f2760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:54:00 GMT
x-content-type-options: nosniff
age: 20956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51724
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 20:00:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 12:54:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D337 182 KB
57 KB 49ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame D337 35 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab3a8d4b08d504ad5847e8bd132c66e7f0c5822da1895f9be7454a990487e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 23:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
server: cafe
etag: 1865743863185650171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 23:09:38 GMT

GET
H3 200 11725928374981436370
tpc.googlesyndication.com/daca_images/simgad/ Frame F70F 51 KB
51 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11725928374981436370

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926a75e883b285b483ef3dfab6ef95fac7c805a2dc9b4bbc2cb713fac55f2760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:54:00 GMT
x-content-type-options: nosniff
age: 20956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51724
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 20:00:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 12:54:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame F70F 23 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5FBA 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame F70F 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:26:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame F70F 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F70F 182 KB
57 KB 40ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame F70F 35 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab3a8d4b08d504ad5847e8bd132c66e7f0c5822da1895f9be7454a990487e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 23:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
server: cafe
etag: 1865743863185650171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 23:09:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame CDC2 23 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CDC2 8 KB
823 B 30ms
27ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 18:34:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame CDC2 15 KB
3 KB 38ms
9ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame CDC2 368 KB
128 KB 38ms
9ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame CDC2 20 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 872E 13 KB
5 KB 12ms
11ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 17:32:10 GMT
expires: Wed, 18 Sep 2024 17:32:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C1F5 829 B
1 KB 49ms
17ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

123e3d5a277992b89599e8f375fc5382ddaa22b3890d83c220c96b7a16a56f76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QhH5yKiHZ5IVpjG4E3oNhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.indexwar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-QhH5yKiHZ5IVpjG4E3oNhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:43:16 GMT
expires: Tue, 19 Sep 2023 18:43:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 2540 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2540 8 KB
750 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 17:10:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 2540 15 KB
3 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 2540 368 KB
128 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2540 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1A6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
20ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:43:16 GMT
expires: Tue, 19 Sep 2023 18:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:43:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5FBA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:43:16 GMT
expires: Tue, 19 Sep 2023 18:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 18:43:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame CDC2 0
234 B 97ms
45ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lmqny0ta&c=4333138412689&slotId=2166569206344.5&qqid=CKPn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&sei=44730425%2C44752538%2C45401791%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CDC2 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 514273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 19:52:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CDC2 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 506100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 22:08:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC2 0
20 B 112ms
111ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CAeRiw-sJZeP5IfOS78EP7OSCUNGJ2O1yjNDy5bwR3aq81_ICEAEgtISWnAFgleKQgqAHoAH7o46GKsgBBakC55olPULcYz6oAwHIA5sEqgSAAk_Q06pZzl5IbKG7-3xBuktyvLSFz_7VHybB1tYPLJ3RvNEUCeipSNrL_ILfDk3UCTzercXes6v12YWOfqMmj9t2kXd5uCbSMwq0D_yb00YnWsCRhDuwXftxDE90hTWkjYvFzyufzoerKRVXCmft0Ot-eyFkbT6IYRJ1wUf4OWFxhFC6L9OAMcvLmAbN83M8DFyF6gECByeStpDLKRgU8v8QsIzzGOj9qohefIvr9_DMHWS7Z7NXkaHGihowSjtm1tdr2e1mXUkIzLe0ncRmyN27irELluPeFlk-UXFAD_p6MJGMJ6OehnzNjMdq10tJSJfokil3COBXtr0sw7tBYPnABKjKu6PUBOAEA4gF8auEvUyQBgGgBnaAB_vb3uUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbATx4vbFMgT4azW4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1695148996552&ai=CAeRiw-sJZeP5IfOS78EP7OSCUNGJ2O1yjNDy5bwR3aq81_ICEAEgtISWnAFgleKQgqAHoAH7o46GKsgBBakC55olPULcYz6oAwHIA5sEqgSAAk_Q06pZzl5IbKG7-3xBuktyvLSFz_7VHybB1tYPLJ3RvNEUCeipSNrL_ILfDk3UCTzercXes6v12YWOfqMmj9t2kXd5uCbSMwq0D_yb00YnWsCRhDuwXftxDE90hTWkjYvFzyufzoerKRVXCmft0Ot-eyFkbT6IYRJ1wUf4OWFxhFC6L9OAMcvLmAbN83M8DFyF6gECByeStpDLKRgU8v8QsIzzGOj9qohefIvr9_DMHWS7Z7NXkaHGihowSjtm1tdr2e1mXUkIzLe0ncRmyN27irELluPeFlk-UXFAD_p6MJGMJ6OehnzNjMdq10tJSJfokil3COBXtr0sw7tBYPnABKjKu6PUBOAEA4gF8auEvUyQBgGgBnaAB_vb3uUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbATx4vbFMgT4azW4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CDC2 0
54 B 80ms
45ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lmqny0uh&c=4333138412689&slotId=2166569206344.5&qqid=CKPn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.t6&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame CDC2 28 KB
17 KB 116ms
48ms XHR
text/xml 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AhHNviJY7rCsxAy3XmDyyrQ9qLXIq3CyKzrHmFAUw1dEXjg5YQdQbhs5h8b33Fxc9NxwChU2W52cEu9L1Cg5kGcT8q5A&cry=1&dbm_d=AKAmf-BCV5Hy0QbydsgDNanthOZ8WVJdT6TFNRWZRD7-uKvhzYDTT-8wv4Ki-enyHquIyWgG_aY7VobLnvkLZU7WMeYY1NQfPhXCDh_ktFRrbk3spG83r4o5vO3W940cuSFsDpW1otmFi79wVorNtmbuhtCSrOlbAd0inY-VEK8b1956PilPvyk7ZF2lkzXOy_cgeO9LaHUgljoCorRIksXs7AayCYNQ9rFPGCo-_VuDDeyjHzgguU0L94_LnCu7pDmeFHWpIbuQDTBmhjnXzD4kKTA0zQ77wy_yeAwoKZwGRrE1402IVo9ngzB8miarpp4WAV6hlYnehGnBqmA6v25yKI9adz-T2V88U4DxOphNFF2ZMhc-TE9yOKhyylPY-hSP7Q7Cxny8rJW7ZNVjoqc_uNxTMnPwbfLhLeEJgMEsw0-A9hVqI5rK_bb_47LpeNHy2TMNyuXuG0scgroIk9Rmg6Zxuv9cwD5FfK8sePgkMshc8eJoPxar__23qVEEkiK6u1yBjsfdkXFXakLqKBrl9AeYPHXfExP2MBgFcjmWpcm7IvGoZ1Zj1GKqE-26SLRZlVwb7s2xbpurSUU0TRO4zeGpX-EMqw3PAvKqfe0UhH5AhTrkLAo9i6BqUqFwPN7aQGDy87CSKszPzjLF0TqpkguRWK4j2juhASnfaEf5EepAdwG7sgCV2qvpwt2onEzmmpiTIxpUgPRv_1F4yKQ3uI01qyWokYnIXZukrkFUs2k1D69fDY5OfWCH2_DONW28m-RvYgY0Majx0yg50vNCJtrIfWWxfVf_x0-UtTyTzNxImUWTCjrSan-NV5x_cVC3jN0MjP-zwkHtjFHmgeM6DW0FgF7ltxwIb9GVDlkykOvbuydl41qBG9XxPfH2Y8faBLnzqVSKYZkedBk7TV12n1M8YTGmfHOD7NQ9jnDScNxlHgWVfpJVuHMg1NgMyYaXo7Imn0coppTsiWxKYJnjeZ18CLqZ11t9zS9AqFAy5oeIPvB1xljHl3GWPMJ3nRKUc0hWcqLpPfpyd5HWuQ_PE58y48bQUkRyEi0pS1JMJIObbORskO6XRxU-o2Lo1r_CTc1S-YKgof3LqCj84U-aMgp_NWxGh4gy84PMYHv1pC6IbumE81o1sp6Y6oLfU9Q5qlJT_k1XCOLagaaLyqeORbT32dYDp3IXadViK2UU8Kr5NlW8cazT3219Ob-55CYyGwTf-3b1YRpHab960Fd1F8qdKv4iNZvuQRnvAYq0iV62fIADMlbg_IUb-R8Be-SziZBO0KCDaLpK_3UEUPg37lsnh7jBp3NSgK0RPhMaOMKr3ZgjTA7h293xqBByg1M3BqVZCIPJLq6MS1CkqVmFQaemNwh9kG8KxJwFf5m0VdLNT9Bv88JVkO45c30iO-LoYIq9fUl5IWl3cyAeCMSDAVovpVIi6ZFPiGCA1GK0UGg8qQtKPoHNOhq8m0zylCuBbtQzwYURty2N1CjMfDUn6xLLwcRDxzxt64kAba8dnqsCX-jPHHUfZ6matspmv35znckTcE18mIG7RxFz3OypYOVxfAwOfSZ3NDNN28kaVGBIsnS36D-Ggppw5Qf3XfFzS4Dv6fer-jPbqFYYm6cdZRdM5XajSqiS76VxFYNwjk-0WFhnCrh-GZ_s8Et98B7VJLLJRqIm-UrUf7PylFVuP2shWvPKDUyIZCcjDQM3KUIqFSRHyQx7EZY53_EnUXraCTvtl9KTNgjkUaXE0j7c6OmXKUgcwnjg3v6oKxP812h_3OzmWI1t91Asptu0_ba4-lxdPw65_5YatxZhXzgr8DSDLAtlVConvyoxXroE8yhEhQQXkQyyMKxihTePyH38t3b5eA_YN8j1swc7j1Eab5caVY_B955sBlWW6J5OljUshBQGUmzTRFyihu-oJ-I1KVTYt6001HHyWNIha8ujHcWle-fPhuq6-PX7k4aAp0i3-vkLPg1-X8SNrXNN4mraapwG2i1uGNMyoQIfWrbAeKAhZ5dZSjzRQ-8mpoNklhcbmzrv6CJpumWZDztckZf7bejbSSiZ9MWjxnTpn4wX6McY6ohnpl1uzjrNpNniYBNUE0q6QcOfAhUd7xmVIe_jEdLjkqJigrJF7I0ZEaWbXKdMuSNSgKhzNE1NXqQ2PvUl_2Pl__DdtXBeV1OTZfi8t45Ipa_6rCL5MFRdxdzU-m7ZjqKVPm_F26HHbkMyQC-0Lluw7R0qL_I8chTx9KoeDjCyR02VNOJCH3XyCgbICRVJe2amy2A-SZ1eGe6sOo1Aek_0JBywKXWIkm3K4n0TeUCMbrcG3czCX9gyLhcD60Crp-gygjIh3ks-5n0aQXs8JXEDTTQn9BrMNRdDzxxTxp81Qi_1maRWfyJGjcTn2f_SnUU5lQpl6LzWac78DN7N4EY5UjLcsSupoBXuLnSV0yeHWgZBKWvsezAKoOB-Ho_-ru7HBpGetTpcYr66MQWO9NTJIyNsCOToFDhSxLXxbNaTt1s466nUa5N2irpx4Pa-yVIlJ5XNrxp7-bGDArvUdxDHU9BzJ0FKyBFmDXpEuzlSjyWs63rdqGq4BLjpWlkCJ-pi4UrUvBOgENQqsAtedoRZJsTA0MPe6odHyw5cc6NFprG3qtmKLRZlqu8UhY3Jq5WGq5L8Re4CDstAu71VVhZ_tg319W4n1HbfGso6WdG5PZZc2bmFxsg2_krr-U6dZllxflRzDYXg_FyO2EH4xDBviCIzSbBCxSEfO98IMIHyKEdJyqSaVyVvLhc9fsQWuT6dj2vZrxfBu6gJSmPo6bNlZfTJnvEKW8AeL4Z16il6Le50eimzEJrTRYxLuZXbOlHUXFxJ7SdXvVuBPi3ONkptObf9tqADfvrLXJJ1TMpKwIZ1LhL5SiTmyjUfDUprvKWOXDqVI01TCjB93vjfrxHOpADceWL79J18V3nvZdT8RFNFbPZlC5CCeazcG9dJWYa78n_Od0eWPS_GDeBMSSPC0Z9oR8YaO4LgtfSmDrfJEHXdM0Gxi_PTSqX0tvBoDZ4FBHRGVLQrppsJMARVDSdjEDNV2t1zqyQHHfbtWrGrB2HoyXyYNeaYzEX2n0Xhj3J9fSR4Ep5756o6SRdbkub7VHyDJ7vx4dyR4Mt-SbQd-u623BTlNDU3UHia1lN8TMzEl-EVJ1CJG6cWpRDGoKisCLwellUJEY7KRQbCTOBsQ4p8HCZri0p7FAwj5se5Mm6PkgpvzICV23hAqfZN5sKKrWilIW54doo1RBOPvOPdfUpz-1h2HoGvCY6FIreVRnYgoHSKdDHXqrCbZY2eFDPqJMBixevq92yz7LmgPdwZqPl8lAm92Km3huLIY_-Amq-3STRI1-HQIQbnBaC62uoQD-zFhweUROfMIhghCG-OvKIvPBp1guTnNZsobGuHmgQSdhej4-rE4ZAucYrA3DOQnVlw7k6fxGVNBeJEiUGUkB1hWD-Sayu3_AZquJk8HFsIUzyUim9C0T8gYfo7bY7k0g6Pw30pljCuBJ6Ea_2da_iaImKh6jRoLZA-rn6W0_gG8pSIEFdh0FZEB6d0aps7aKP2MS6reJuGYfKyqqcTuRO1Idv-Ce-QueZtIkzxlbxK7B9tcHWOnxwQCiuNuaj_KQaE_4nefHIIzDsEv1o1VV5VbOsb4iPTCRMjUcq7nv_mKSyns23R05a7d9f1YwQheoZJ5yZbcPi6fH1QzEqtvvSa7BZzBOdlcuSuirCnpi2VJkJEaFF_6Ky_H9ynlk9GbmU7CzoEbowKGXio985Z_2VlZy8uvtHVXrEernmftFoA7f2GN2umDq3vbYavIS2DDeQ&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

16d69f5b90b0be7efcb903c1285dc35bc190275b5106d17cfca88f338fca8013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16772
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D337 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5cc4757647ab3d5ede0d9fb0e5f543cc2246c270043cdc5d10b4fb9f8f5d1ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F70F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d747d0e2e928b47c5727defe8c2d2b74379bec7567fd283763d13dd23ea9ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 2540 0
54 B 45ms
45ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lmqny0vz&c=513186256874&slotId=256593128437&qqid=CKDn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&sei=44730425%2C44752538%2C45401791%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2540 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cpc6lw-sJZeD5IfOS78EP7OSCUNGJ2O1yjNDy5bwR3aq81_ICEAEgtISWnAFgleKQgqAHoAH7o46GKsgBBakC55olPULcYz6oAwHIA5sEqgT-AU_QIyhc6_xllhELPVWNTkfu0Y607Nms2tlsei5MCjpVlyET59q2LCy0CNF5xyzeyqCMm90-5pXXf3d5k1siIghU3lrsT6ptQKIQxi48rX_IthXUP3c_bUVH2BU81V1bLtNWduHthpNcxDeXlYXUDE84jPNCvlWme-aANwze0XhulfWUYVYusZ4FA6JPPvdYPWRmD3Oi_jpTZCXXYItQOmJHooxR-Bb7qoSEsG3w5_3ebpYTHw18cR9shtDEiuzDFlL0uEwRRfutahc-9knbfH0qqCjf0WW6fX5wX0copI23pLS8VtUFzKfSTgb1PKJ9QATW5MX-hEcD2Je4j-5WwASoyruj1ATgBAOIBfGrhL1MkAYBoAZ2gAf7297lBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE8eL2xTIE-Gs1uMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1695148996612&ai=Cpc6lw-sJZeD5IfOS78EP7OSCUNGJ2O1yjNDy5bwR3aq81_ICEAEgtISWnAFgleKQgqAHoAH7o46GKsgBBakC55olPULcYz6oAwHIA5sEqgT-AU_QIyhc6_xllhELPVWNTkfu0Y607Nms2tlsei5MCjpVlyET59q2LCy0CNF5xyzeyqCMm90-5pXXf3d5k1siIghU3lrsT6ptQKIQxi48rX_IthXUP3c_bUVH2BU81V1bLtNWduHthpNcxDeXlYXUDE84jPNCvlWme-aANwze0XhulfWUYVYusZ4FA6JPPvdYPWRmD3Oi_jpTZCXXYItQOmJHooxR-Bb7qoSEsG3w5_3ebpYTHw18cR9shtDEiuzDFlL0uEwRRfutahc-9knbfH0qqCjf0WW6fX5wX0copI23pLS8VtUFzKfSTgb1PKJ9QATW5MX-hEcD2Je4j-5WwASoyruj1ATgBAOIBfGrhL1MkAYBoAZ2gAf7297lBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE8eL2xTIE-Gs1uMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2540 0
54 B 45ms
45ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lmqny0w4&c=513186256874&slotId=256593128437&qqid=CKDn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.ui&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 2540 28 KB
17 KB 78ms
52ms XHR
text/xml 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CLn3iGOsm7bbaqaUa7FuvYsmDiBQJjfcEsW1eQ_fmV355RmEKnF-KyCDtYpDgJeuDRQXr3IVZvCJ0RcwuMjKxzBI_w8g&cry=1&dbm_d=AKAmf-Bp2WTCjs3f6nF0EUrLiK8T31lnh57DLpqzxoWx28PwqHssl1Ww4obh2i4rH-xX-CVbuCwIyKWmvfu4lTcwQ6m5XX8hqAU7h46FNZC_CPyrcrUHKARuOt_mfex29sZh4As3djEC1sWCItxCHjO8sFkmfVKjnibbJAW2nyu6awdb6O0ALaBgBtbwMzkKnYZzSJUi33YDfi0AcNMXSR-9g2pHkrn5cVdE5yK8-mkTQ2BpotDoxB0jTF-U2619BTsRpeICoB7Fkbrr9gQcMspENCAfMQ-tvcCJCCKNZcn1ki7VR-18fuxwAISAeV2GWwvMdggc3C2q-33nFiMQzPpR_4A2tzSivkgzeJrgrDzwoj5HrJreRrHJNpO5UafzmMnIjKgGEbxxNCs2U2fQUJ-ASyuiRsqRk0iM-D7kyfWk7THeggLx6g5xZdrUnMzBDz5jeNanSsQcYCoiNoXmE-CwQCeJ_kkbyW8osRhTWJOsVTj1Or8sOE_E1JtXI4HfFQQCLAG9aPHK-gCrZjpiq3zWjBTyRNHKyhhhQSdC13_5KPDECuprcHdXBK9zZI5GORxd0SFx4w6bWvfBLIU2N3tUsOMgSOIdHb6QsTEUYBy-tX-_MZXE_skTkLyWQnM1FGVnLKj07t096tUk55JPMb1EwfI1cV3pSLLCjPPZDE_UuIKb9mTVUGG7tLlF-2Fwy1Bs0DRd2LY8att_EPnPBXxe_Rknj1qQN4fX9NnXKMUusscPttyZ88ufQFKFULhNoWixnjkeChzmDUsDzCqisvLwvkVNek2ixawS9KGG0BrYGO0Kh-2g0PtXwm2tsAKwZm1ak8OoeiJZU6fYQ-jE0A2kyAhgBBL6FYbmauyaafcnTU9Md3IuC29uQq5IqzHxuDEK5NIILQS0YvEfIOJ4NdERXUmLkxJ6UpC3a2zrhmfbU6kuLKEwZsxsKfUmOSW5N9sPyqZM3sS-vlcv0GyCh90FsBfqL1k9I-q-Cw4NYc4_-E65qIeEa0Gfp9HNBmTkje3iBbmH0QvAQhFcuyVsyXiKZHfcFCvxt9znyP3SqzxxugjLn0YGhYHVmXeiVkB-yE-Y1Vmi6cwECur4xCge1XcEBWV-Bp8y49fwmx59QD3FyxfMX6XTVPamgFG-Hgc-tHHq3M_rG0sbYWaXsv8ZsjikFrQQtcNucQLHXBst3cumoxJh79H9WrbqOJ5CTJmOMHQtTF6hbQ1bBPKDsBnO4wCa4f5JHG8rPc0aRJoYOTzSnOgsUpvl4I1PxsOKQguUE14yWtEzPsO-COW7qEdz2CojMlBsXtYkDnQ_QjJqQy91gvadvfh6pHdyHpBmQuzFB62glOYKJqB-JNmNujFyXFPQtHdh8ZYN9vAkvThr26Fo8N8rAPuL9xEa2ilN9vqQW3nIhqCLF6fXBNTWwJo-hnkscRhv-BlRqAxr3oPvvsdyv6bh_h0N82IxUmzOrHLWcXyZ6xUu5iPEhnSROkAKp_loFTS5LunGDZN48yb4B1X0zMBMozOP6JcJHS0L9E5akoTFjPl_yYmhIYMP78R9FCQ38QIICe4Z1hTsVC35bRDBDifPfWNYUCJZyqlnDBRCgZX_z09XJZkRhSPRIlG4CwwL49Id7wn5tl1rBDxf-r537QYiiSy7Y5IUnpZb1S8qBeXKarO5yK7AlOuUb7EPwJ9NUmLsBxxvHOIf0hzuIjfl61uVizMldUGuTMrdh7MQ4EopoD9I4uSQ6sijjwOX4QhqFqo7q0T2c6l6VHyBpxHWBBK-EbutjbnFW7kZ7h6-DVCFUzKkg5tti1_zYnd2dcRIKlYK7TnEta_scv5O6qj6CgZUufCnmFjDMeqUk9afYXRVT8MdG8A1ItuA_jbnu9IY1TzMrRO8z3N8aKVYETqpHYr8pehz300aWg8EjZSuxhtTwYslBEGm0RmNwonRbST9dO2Xppiftg9Bhqfw4QZJRyk8goobpEISUzFVb46gKPY7BvoqtxjiUrjz1hqPJoPDepwsDHz-rLmghw5E81Bt-rC6ZjwW-b23mgaKkpDjaM11reMJVmGAL-oeZ5Ek2F2D8SvTLl9BZVg7pWi-vJVel6BXSbIfzs_HBbGqhwQB6Z4UBovRcp9E3TyEnpfL9HjqSSKa7D7KoqCIS3y0diD9mTahC3K3MV-ClX0fP49evi4ywqV8WPELNE8wNCFYtdxaO6qCkmMStJUMwRAkHgRAHu81pF-hi9LI1hzXdtFXvcNhbhN0plIz1QQYwXT2aXvcNFSEjEUVMO1lAdtMfVlWGdmVzXvQJyIBsfThSx_TFvi5Jljnmtswn7pZZN2Q_eq0t7tpEW-Hum_0emNU3J3G1Sjyxls14sHHShrIdgOlETV3DSNInZpWwLdlibzMWAUzpVoaNHUn0NhpgONox9T9xaKyNbfOiy3zRCAByg1njdsZfT7s4PFh71ZUee6zXn_kmRlgjPKtQcKVmtU1aRh3Nq19DNyiEw93taDJeOXNeBBSsIfGnAkDo1a6RjAEgOwPrC-lPveSnQRoYbLjioX0u7IMWM1gNLJyyEJ-FORU0M3DrrPo_6L_Y_0SOG8lifb3BqaAqLTBiHKddcUHh9xdsRw3opGh31g6W5bSh8JwmKBefFm1G_TdJWxhrrdMCnpujsZVoH6D20IQbnRlc-UemdMQ4g7LAaZC8Ary0qk447230-9ygVhbiBd9_QXFS-H4J3Ya57VJVQliEORzU9tiasOCINvsc84ZDqVLiBiVEmh1D6Kx54BgT7ppu695-ERLkK8_vglw8nibWEDZqAF_RnxWDyrR7Li2uuLb1GA41YWabs_G8A8hWBkrS9BeOqi_9zURGV4RBVydjGbTvJiu_-TLtJ8wEY1rqln48FuaOM8fckTfaKvlhKNjPf9WViKWeBe1z0fE2zFku_x33lnTbSAorjNFlc3DQuTPsRlUI9kn9x3MPsKCKnSuG85rKe-hPvqw_p0ycOcsH-3Z9Tt_qchQKj-K_sql6gNPr5lqGi8AsUpRB4Z1FSxnUkf6joV6DnRHHdTC7BtYU2uVascs6e5wRmjzFPFOunXavN3mNalCgrA9OfeKm4b-JZ-FZTse7pEADfJp2dhLDFJANkxlxeUpWngxYUtGuYU988-m9YtlC5jtmLOF8xlFnmbZIYxsaPr0PhGdxZuVNJXXGalHuIBnEHwFoec66PS7Eghm6j3ozLW1NUvUDV-hu9AIJ5o0KzuEbS8hg_FAPdEPsWvfBMBbNmvc0BOQJKZbQ7Ah5wdE4CaVTN26U21hOi_na-EyhpcnU0dZrQ962V_9lSdcabGsjVdQjyh4aCChNde4yeUtq0hYyYzY5mnDhC82r8CZRi5ALTyPTDPmqat-eTgNQQ6Vj43d8lZ6PjpPlBzz013hscWQ-CkbOrzO6rRJ2bivtlB2u73IYpeK2RTYU8w6x4oYOP7bCr6cxQYigJ6pNbNSa84_ce1HxX7TFzTgvSYT-xkhihTfiZhIr1Lr_7lfw4MvWNPmW-J4hQsF_X8_CgNelT04pMILQnwSF1wggE4SaeFeSRvrDP1VUpJbvbMVFzKWh6rKZU61xehk9adVdYFC9odMTBk3wnYOpedpf3hmra6qsnIo7Pu3NQMMxaMtQAtN_F3EUVx7tEfIcz1G6OtICc8uWRWdMGVC1_QTBxfrrzlNVomWpLiMQCkD6bsvIZwLP0UmC1325eKBs7vfJPgg6rHtE0yQeqb1V_RXFAYx7EcUuB4JsHr8C-hcZsvDLIuDMIptnIH7EV26ni2p47CfHvfJv-43JZ6VP_oA4HdXN8taX6xczS6t-0x02a5KUGZGJywYgZk&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

8bb6c0eef29e163f071f52bc5b62a79204e83d7ae13d8629037882e55b5e72b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16774
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E138 7 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=3088186576&adf=2824717477&pi=t.aa~a.2849718724~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1200x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=1&bdt=967&idt=1&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0%2C1100x280&nras=3&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=w0we8HL3ny&p=https%3A//www.indexwar.com&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 16:54:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame E138 2 KB
892 B 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame E138 23 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame E138 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:26:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame E138 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E138 0
0 20ms
17ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyRTeImUiHtlYymNYsNzjzMgo6-ikuRGKCZrYvTwvFFaYlisBaw5oHbmba9kSeh7ie95uV
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=3088186576&adf=2824717477&pi=t.aa~a.2849718724~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1200x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=1&bdt=967&idt=1&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0%2C1100x280&nras=3&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=w0we8HL3ny&p=https%3A//www.indexwar.com&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E138 182 KB
57 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame E138 36 KB
15 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
DATA 200
OK truncated
/ Frame CDC2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba7e535e38ec1ab8e34ec371525576c91390dd7664745c2a47bd7fbe0dd55271

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BAC 37 KB
14 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 16:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14647
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 16:03:19 GMT

GET
H3 200 b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response
pagead2.googlesyndication.com/bg/ Frame E14A 37 KB
14 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 16:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14647
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 16:03:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C1F5 0
0 110ms
108ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230918&jk=2892328610694332&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13686751548166079863/ Frame E138 46 KB
46 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13686751548166079863/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e812d3af5b1d55163042b0245a4c81705d4f849e48d450e4df1de1589aeedf03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 18:21:58 GMT
x-content-type-options: nosniff
age: 87678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47019
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 10:18:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Sep 2024 18:21:58 GMT

GET
DATA 200
OK truncated
/ Frame E138 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E138 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D337
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CtpIcw-sJZeH5IfOS78EP7OSCUNrGxYFzkd62xvURr-rk8cgBEAEgtISWnAFgleKQgqAHoAGd_amNA8gBAqkCnCik7FHwsT6oAwHIA8kEqgThAU_QFgZhTt7aprOBY13F0FDMzRznvHY85aG...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215088949596469484154%22,%22debug_reporting%22:true,%22destination%22:%22https://quarzsand-shop.de%22,%22event_report_windo...

0
0

58ms
41ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215088949596469484154%22,%22debug_reporting%22:true,%22destination%22:%22https://quarzsand-shop.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22833257117%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211815289407471904529%22}&andc=true

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15088949596469484154","debug_reporting":true,"destination":"https://quarzsand-shop.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["833257117"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"11815289407471904529"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 18:43:16 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15088949596469484154","debug_reporting":true,"destination":"https://quarzsand-shop.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["833257117"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"11815289407471904529"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F70F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cg-xkw-sJZeL5IfOS78EP7OSCUNi7yIFzqqm8upISr-rk8cgBEAEgtISWnAFgleKQgqAHoAGd_amNA8gBAqkCnCik7FHwsT6oAwHIA8kEqgThAU_Q_Kk8BaqOMPf88CM8IDCgxa7KpOsLhGL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229149888621812569678%22,%22debug_reporting%22:true,%22destination%22:%22https://quarzsand-shop.de%22,%22event_report_window...

0
0

58ms
41ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229149888621812569678%22,%22debug_reporting%22:true,%22destination%22:%22https://quarzsand-shop.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22833257117%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214916439724730842241%22}&andc=true

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9149888621812569678","debug_reporting":true,"destination":"https://quarzsand-shop.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["833257117"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"14916439724730842241"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 18:43:16 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9149888621812569678","debug_reporting":true,"destination":"https://quarzsand-shop.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["833257117"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"14916439724730842241"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 872E 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 13:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 13:48:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3D60 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 17:59:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 3D60 23 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 3D60 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:26:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 3D60 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:58:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3D60 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSx78R5JkuEHLqThX6NEV5VLw9SRDRqkJcB_4hD4RLASOzAEbJ_PP3RLyJw8M2ZwM0vXwyB
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D60 182 KB
57 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:43:16 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 3D60 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/695351043545693265/ Frame 3D60 35 KB
35 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/695351043545693265/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b631c2128ecd43a1362d685e9386c45b3f534ee1d75038db99b394667f3616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 15:47:04 GMT
x-content-type-options: nosniff
age: 442572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35420
x-xss-protection: 0
last-modified: Wed, 24 May 2023 10:17:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Sep 2024 15:47:04 GMT

GET
DATA 200
OK truncated
/ Frame 3D60 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3D60 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame CDC2 0
54 B 45ms
45ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lmqny0uy&c=4333138412689&slotId=2166569206344.5&qqid=CKPn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&vast_v=2.0&vmfc=7&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame CDC2 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2024 22:32:49 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CDC2
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

90ms
14ms

Fetch
video/mp4

2a00:1450:400e:14::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20028DCF549C6C934A9FBB4DB355F77B0DD4C687.06BCB034DE752D1A2DC7675CA38D97586ADE11B3/key/cms1/cms_redirect/yes/mh/qX/mip/2001:ac8:20:3d00:1012:9b8c:ca2:57cc/mm/42/mn/sn-5hne6nzk/ms/onc/mt/1695148634/mv/m/mvi/4/pl/50/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

2a00:1450:400e:14::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 18:43:16 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
Last-Modified: Tue, 08 Aug 2023 11:35:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 19 Sep 2023 18:43:16 GMT

Redirect headers

date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20028DCF549C6C934A9FBB4DB355F77B0DD4C687.06BCB034DE752D1A2DC7675CA38D97586ADE11B3/key/cms1/cms_redirect/yes/mh/qX/mip/2001:ac8:20:3d00:1012:9b8c:ca2:57cc/mm/42/mn/sn-5hne6nzk/ms/onc/mt/1695148634/mv/m/mvi/4/pl/50/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CDC2 0
54 B 45ms
45ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lmqny116&c=4333138412689&slotId=2166569206344.5&qqid=CKPn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.zk~videopreviewvisible.zr&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2540 0
54 B 46ms
45ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lmqny0w8&c=513186256874&slotId=256593128437&qqid=CKDn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&vast_v=2.0&vmfc=7&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 2540 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2024 22:32:49 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

89ms
13ms

Fetch
video/mp4

2a00:1450:400e:14::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/253A58A95E14C17266ECA6DB5C32E9CC308C3B42.05C2421AAD9775EA7AFE563A8D3C484BBCDDF524/key/cms1/cms_redirect/yes/mh/qX/mip/2001:ac8:20:3d00:1012:9b8c:ca2:57cc/mm/42/mn/sn-5hne6nzk/ms/onc/mt/1695148634/mv/m/mvi/4/pl/50/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

2a00:1450:400e:14::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 18:43:16 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
Last-Modified: Tue, 08 Aug 2023 11:35:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 19 Sep 2023 18:43:16 GMT

Redirect headers

date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/253A58A95E14C17266ECA6DB5C32E9CC308C3B42.05C2421AAD9775EA7AFE563A8D3C484BBCDDF524/key/cms1/cms_redirect/yes/mh/qX/mip/2001:ac8:20:3d00:1012:9b8c:ca2:57cc/mm/42/mn/sn-5hne6nzk/ms/onc/mt/1695148634/mv/m/mvi/4/pl/50/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 77ms
41ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 18:43:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 77ms
41ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 18:43:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E138 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa1dbe30d83720a5df2ef35ef78cd5abd1451f1d2945d1a85c1056dc7a8a1aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3D60 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 566928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 05:14:28 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E138 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 06:02:48 GMT
x-content-type-options: nosniff
age: 304828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 06:02:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E138
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJF2sxOsJZbSxDf2878EPtIaD2ArExs-Ec7TthfOBEpPZldSqCRABILSElpwBYJXikIKgB6ABoZXy7QLIAQmpApwopOxR8LE-qAMByAPLBKoE0gFP0E73wWMiyBDpFXcJOAd4HEFvnUr6pVr...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22803662403432503726%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:...

0
0

42ms
41ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22803662403432503726%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22767330977%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214257661321135998881%22}&andc=true

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"803662403432503726","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["767330977"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"14257661321135998881"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 18:43:17 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 18:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"803662403432503726","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["767330977"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"14257661321135998881"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 50C1 23 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 159027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 22:32:49 GMT
expires: Mon, 16 Sep 2024 22:32:49 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 73B4 23 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 159027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 22:32:49 GMT
expires: Mon, 16 Sep 2024 22:32:49 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9892 37 KB
14 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 16:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14647
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 16:03:19 GMT

GET
DATA 200
OK truncated
/ Frame 3D60 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d77a55400572fa1d711c9a56af47d90b810772b7d027e92b4c213d0d34f0c18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3D60
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVxDFxOsJZc71DMu478EP1Zq4qA6h-Yf8ctzDlpbJEcqjkviZDhABILSElpwBYJXikIKgB6AB_8uYwinIAQmoAwHIA8sEqgTWAU_QUUzLtXELAsJ1LUom-qXCH832K1xxY9E-Pw5oMByq9i3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22309466782075637696%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%2...

0
0

43ms
42ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22309466782075637696%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%2211144668671%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211178175421136847329%22}&andc=true

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"309466782075637696","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["11144668671"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"11178175421136847329"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 18:43:17 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"309466782075637696","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["11144668671"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"11178175421136847329"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 18:43:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A15 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3844282854323769&output=html&h=280&adk=1639955263&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1100&fwrn=4&fwrnh=100&lmt=1695140122&rafmt=1&to=qs&pwprc=7474505383&format=1100x280&url=https%3A%2F%2Fwww.indexwar.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695148996134&bpp=2&bdt=967&idt=-M&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3a23f75cfc340e7e-22cadc6a7dde0022%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A&gpic=UID%3D00000c78fc67d177%3AT%3D1695148995%3ART%3D1695148995%3AS%3DALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q&prev_fmts=0x0&nras=2&correlator=6582339408176&frm=20&pv=1&ga_vid=211891096.1695148996&ga_sid=1695148996&ga_hid=364720264&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42532402%2C44798934&oid=2&pvsid=2892328610694332&tmod=901928141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6jqifgqpRU&p=https%3A//www.indexwar.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 16:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14647
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 16:03:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CDC2 0
0 47ms
47ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CghBHw-sJZeP5IfOS78EP7OSCUNGJ2O1yjNDy5bwR3aq81_ICEAEgtISWnAFgleKQgqAHoAH7o46GKsgBBakC55olPULcYz6oAwGqBP0BT9DTqlnOXkhsobv7fEG6S3K8tIXP_tUfJsHW1g8sndG80RQJ6KlI2sv8gt8OTdQJPN6txd6zq_XZhY5-oyaP23aRd3m4JtIzCrQP_JvTRidawJGEO7Bd-3EMT3SFNaSNi8XPK5_Oh6spFVcKZ-3Q6357IWRtPohhEnXBR_g5YXGEULov04Axy8uYBs3zczwMXIXqAQIHJ5K2kMspGBTy_xCwjPMY6P2qiF58i-v38MwdZLtns1eRocaKGjASOqyK3TkP3fT76KyFARCMf4qMZ1ezRrWuFEh5fTSHeGkXe6uWqXu7GrOoZDEXMy5thfFlu_A2vctBVgZEp__fvMAEqMq7o9QE4AQDiAXxq4S9TJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH-9ve5QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDznwMYjaH08gHSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6gAoByAsBsBPHi9sUyBPhrNbjA9ATANgTCogUBNgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zODQ0MjgyODU0MzIzNzY5GADoFwU&sigh=IOO9gKvPwTg&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 206 file.mp4
r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2540 445 KB
0 54ms
16ms Media
video/mp4 2a00:1450:400e:14::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/253A58A95E14C17266ECA6DB5C32E9CC308C3B42.05C2421AAD9775EA7AFE563A8D3C484BBCDDF524/key/cms1/cms_redirect/yes/mh/qX/mip/2001:ac8:20:3d00:1012:9b8c:ca2:57cc/mm/42/mn/sn-5hne6nzk/ms/onc/mt/1695148634/mv/m/mvi/4/pl/50/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:14::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 19 Sep 2023 18:43:17 GMT
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-9011108/9011109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
last-modified: Tue, 08 Aug 2023 11:35:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 50C1 37 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 13:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 13:48:22 GMT

GET
H3 206 file.mp4
r4---sn-5hne6nzk.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726684996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CDC2 4 MB
0 49ms
17ms Media
video/mp4 2a00:1450:400e:14::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:14::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 19 Sep 2023 18:43:17 GMT
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-9011108/9011109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
last-modified: Tue, 08 Aug 2023 11:35:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame 73B4 38 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 15:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 15:23:21 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 49ms
48ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 18:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 872E 0
11 B 16ms
9ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2gQGEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dc_oe=ChMIyNKljqq3gQMVLURBAh2IvgCcEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCKPn4o2qt4EDFXPJOwIdbLIACg;dc_rmcid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB;eps=CIDhgHAQARgfMgLrAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame CDC2 42 B
401 B 514ms
115ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyNKljqq3gQMVLURBAh2IvgCcEAAYACD-i-hdOhoI18SxlQUQqMq7o9QEGOGs1uMDIIzQ8uW8EUITCKPn4o2qt4EDFXPJOwIdbLIACg;dc_rmcid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB;eps=CIDhgHAQARgfMgLrAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D16%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11248479%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1695148997468;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame CDC2 42 B
64 B 83ms
80ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CAeRiw-sJZeP5IfOS78EP7OSCUNGJ2O1yjNDy5bwR3aq81_ICEAEgtISWnAFgleKQgqAHoAH7o46GKsgBBakC55olPULcYz6oAwHIA5sEqgSAAk_Q06pZzl5IbKG7-3xBuktyvLSFz_7VHybB1tYPLJ3RvNEUCeipSNrL_ILfDk3UCTzercXes6v12YWOfqMmj9t2kXd5uCbSMwq0D_yb00YnWsCRhDuwXftxDE90hTWkjYvFzyufzoerKRVXCmft0Ot-eyFkbT6IYRJ1wUf4OWFxhFC6L9OAMcvLmAbN83M8DFyF6gECByeStpDLKRgU8v8QsIzzGOj9qohefIvr9_DMHWS7Z7NXkaHGihowSjtm1tdr2e1mXUkIzLe0ncRmyN27irELluPeFlk-UXFAD_p6MJGMJ6OehnzNjMdq10tJSJfokil3COBXtr0sw7tBYPnABKjKu6PUBOAEA4gF8auEvUyQBgGgBnaAB_vb3uUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbATx4vbFMgT4azW4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&sigh=LDvZjk2-TxU&label=part2viewed&ad_mt=17&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D16%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11248479%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1695148997468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CDC2 0
557 B 763ms
60ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZ46BtBOPVmz6LD7kPGpXqI--r3bBde2Alc5HwSSQcSCzv7QNwQGMP2zI-LUkXQlSehPBCKaCIMptHpVf4jdZkAPp3oUR0b163A2v-lJvnweU7kEEpWJVfL7GD_i9WkuWjY8evxcHriT92ZGowagrNl-oElaFwd3bMXg4zPV916TI1UWzgtMmfGKkslNowsevGRB9wxkjaIAr4KyLucH2B6Xh_bvPB9e2Z6qGpVvND6S794664IyGRfA21dFsXG0w34EVkg4YUIBC1MelEYivb3iXPiwXGLPbnOJuVfnNo4kxI04HPoZsAqk10NkOdAZ806ck_LiV_x8h0S-1NGSkAnS5MO1tnRfgbQNgullGU9jXERUFUHcZSLKUftirFWzXv_5SPEWyJUe0Gh1l0Acgp_ZA6yvnzJNJl7ATNtYNLCp2ecjS97NgVMdh-f_NgF8a-g38BD7XN-CtbZz4dyNzcc70xgfSQkGdjTzbsx5uPzi7Q62276L2MaXrch7eHFVWQyX_3boS0kUyazJRtTe5L6x-rzaxGNPOlrfzH5NmYux_OQTsAsRlohyRsr8bf_g_ge5IBA6pBvrFxZo6BWq5xKtiIJp5Qm3kFmeBCpSb_Ir6XJ2TZ9JZJvxvfvI8mwP-O0KUDs_xs4eE0KdMKbnja5Z4K7Jlod2yBrRWFIsWK91zmqwumLu2fKP6WbKKVDSKNQV1wUSNAq9TMu9iluH-ddtVn1ek718-MoHXw3sbskvxE10oe5-GrOHCH6_fIlWdF0rQn29kVvHw53TaGnCQ8HQAnvoEQAoHs0e27J49xdjGacy-aqDiqjxkqxGSr445HeM29lI-IHQ-RQ1Mrdf3pwDroo8gGtnxodUSYpyGvdmDg42OMF7NvV9XknTLfkteJAAUlZD_Y7mMAQHT8eJyhAh9rMzYO6iVdyItm3GcNkPzWpPXWE3Chl3QcSXmDOH44_v_5LTT3rWfg-rseKr6RsevJnOfjigPrR9OVIAFBaqw2x58oH2nPyOBeEQ6MhMShkw2-HzA3VoaStE_yzsz6SbsCcgNYtde88c-OWJtSwwGIdxDdzPmrNNvcIFEtB1Yk2olSW40ihltouCvnRZaxdJXnZApWmmYgmS_4Jf-rH8e0wtUB5YLvbdZx7m5srR_TO5EQ47MnF9W6g0ye2t8QWnCERlJovQ0in6hYESEIZnjs9nwPM2YSzvATijT41OisvgTJwzXolx0&sai=AMfl-YQRTuW_D4NKh31_eB5jWWYYH8le8VheycZW2_3JmbjMoyfln9r8RsQFiwmEa77_QZl3hxlGPR6LrZRd7WKYwwy-bQHktyVtDQxACrWMc70Jt2GtyiVQnZerxO2zmN_3NiEu3OQNmdQQ50qZ__sy7CTDDcV3ACJdgFmj2sIg3xeiDPA17T0&sig=Cg0ArKJSzNFjTMJld6RFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 18:43:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame CDC2 0
16 B 105ms
103ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECENfEsZUFGI2h9PIBIAEwAQ&v=APEucNVNBGVkHWbK8rmwTzOpZn5uXTlTiHbF88JYIxH-14XXAmkf4CSSP61T0oKMSvqyHYKsVfz-AuHctTtk3kp5JkREMhr1pA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC2 0
20 B 110ms
107ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CDC2 42 B
64 B 117ms
114ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssc8bSzYizvuZ3vSsk8dpIEMTNcIE1850Xpy1XkMxJvr41uYoNav80a3qWHrFG2ujmajDdLmst8ABiJuzCEy0eWz0vlgGC25OYAgcpTvgeICOe85SKLjJkmopf6-v766w3c_GWgqny_nfrg&sai=AMfl-YSxEFpmlgwyqOnSiiwgpo4NzwmHu-x9IwWLd8TbdJsRa4vQkXEcDgs2uqhOJsLyDQfusj4NwCYIUlma&sig=Cg0ArKJSzMGm8L-1N_HNEAE&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D16%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11248479%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1695148997468&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame CDC2 42 B
64 B 104ms
102ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CAeRiw-sJZeP5IfOS78EP7OSCUNGJ2O1yjNDy5bwR3aq81_ICEAEgtISWnAFgleKQgqAHoAH7o46GKsgBBakC55olPULcYz6oAwHIA5sEqgSAAk_Q06pZzl5IbKG7-3xBuktyvLSFz_7VHybB1tYPLJ3RvNEUCeipSNrL_ILfDk3UCTzercXes6v12YWOfqMmj9t2kXd5uCbSMwq0D_yb00YnWsCRhDuwXftxDE90hTWkjYvFzyufzoerKRVXCmft0Ot-eyFkbT6IYRJ1wUf4OWFxhFC6L9OAMcvLmAbN83M8DFyF6gECByeStpDLKRgU8v8QsIzzGOj9qohefIvr9_DMHWS7Z7NXkaHGihowSjtm1tdr2e1mXUkIzLe0ncRmyN27irELluPeFlk-UXFAD_p6MJGMJ6OehnzNjMdq10tJSJfokil3COBXtr0sw7tBYPnABKjKu6PUBOAEA4gF8auEvUyQBgGgBnaAB_vb3uUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbATx4vbFMgT4azW4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&sigh=LDvZjk2-TxU&label=vast_creativeview&ad_mt=17&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D61098%26vmtime%3D16%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11248479%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1695148997468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame CDC2 0
17 B 63ms
62ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lmqny11g&c=4333138412689&slotId=2166569206344.5&qqid=CKPn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&dm=61000&ple=0&umsem=0&event_name=first_play&asset_bytes=194572&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1i7~ff.1ij~videopreviewstarted.1ik
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C1 0
20 B 113ms
113ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bt7YyxOsJZcjgJ62IhcIPiP2C4AkAAAAAOAHgBAI&bg=!8POl87zNAAbP3fMH7907ADQBe5WfOLO3MQidoYh6PbF7_Xz6EljLlJEwjzQ7QU0bvivHN_k5wTfOppFeF7cDOGINHHbPAgAAAThSAAAADWgBB5kC1mh48lTktgtCEju9Bin9nojA5W-ZewHDYb3lQuFM-U1Oi909Nd9pOLCpyouF-h4SiDMsUqoG1hcGTE82KqTLfDA9E9QEO4FQugp-NHomF3rU2_bEKvGb2zJGxbXWavQfRqOjlGelGOEiHh9RImWz-PkUaFF8TgRfGp8_TXZpazbyNMb6sGwq-XdS8QLXGivgiZXiWXoLRDGFm_hUURxpbE0QdgYdNroYIn8nMpy0WZ2KzZlXE2nGNQrzct-RQM2gHT5p9yBcxNQ43G9fkoN-ruK3IPwvzs509OMX5zup8OctYFM4SsC9MJlVzm3whfSyfW4OgltseA4FXlBr4f1NOtnW92UX23NJ6hM5y5k2gmlLVVqWyuaOG_RRVVDvMWR0BkfpMQ7tSg8YzS1GNpmy682ZtFm30TZaWM8Z4DiizAS4S682seYlYdHYhDaZtrOncg2ExXFZN0rTCL2w83FI95UNmUsZ9EL8-Ei2sKQgb_oTLzEevL05ygzjotFM-9wenAHDzhV4PcBiM0KLHUh_ZkgjNm8jePH4CnV07gVwSgU-zuW8lwXh1JlZfhF3LhBv8sssWO0VdX887R9IL5Hyv5UXRoV1udRhyyLHVkOkHVM8voG9D79H5DTOV2gOk7YgqVxyVj8ra5dk8aYMEkySuyVf26k0fI9NRTPSkoIYbwnvxEkYTOW-nyGD7J2-J40G-H536V6PSuy3-uA8s8G0JxnXnXmHweF8W26rbMAejFQn7ERT2Zv6M-kbJAvwqt3nVcbTLlyRNIfNabhttwvzbV663s2V0-eu-JA15ZnahM7Vo9S-H9H7sPXaVw2UyFuGnqnZHs2mRkuXDbCoCOxKKD5QNZ8jSjVMIhf2D7bc7IkDmieRf3b0yg3-gKG4e7HmWt02tOuWbvos7b0RUkadkTmo26IySA-aNPPeK_pRTyd5_Uz50FuumCNKlLrJjkibUFYcEcuckQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 73B4 0
20 B 113ms
113ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B5pnmxOsJZY7xJ6mFmLAPna200AcAAAAAOAHgBAI&bg=!2dql2pXNAAZQjyUVcI87ADQBe5WfOG5k-jyH4_hS1YUgKm-t-3Idc_0zBZOl7WVRcsRL2KoUOSCChOTewvbnOqX5vL0PAgAAAStSAAAAB2gBB5kDDAy4hH4KJtRf4FgLPbLYt2TTG0pQLYhdj20-cuzi3Wo1m0fG6T_qny7Kn0SV0GJD6KLtA1VefxbiJixFaoYf_GBiSKn69VkIDIL4hAFqjdqwzbIRn1VR5Rc77YWtKfmLP-iziKI8cZ2lbCaptOHb4GI0kCtfYeaG3QSzDkIJ7wOvRT_mEBG6NRomhC6JSTEwK2V2rCdc-QkJtW93VpSHIOdpW7MjyO-t5bweF9sqFmrQMts0T0lf7jFh6kx7aR9LtkKwSlUQXj8F5e0-trrNLg2tHZuufUpqifIVRySmjLtqnD0jSKa-HhQgoWYLWzbamMOppG5l3YIX4mytusp7fDMRUeGkEv1pCeTI4l7_HEjMdnoWSbERlSzZR9MB02lwlbMQKwIuymI04EFPtcAx0ocRCGlfX50BmUHMLcIz8yHh84WNZBidK_iiEbmeDkmf_qa4UyceDMXGCPdW8Q88Ogs7-NeqKpbuV2Wk0tMALYCwVjTICNTMnE3qnMAX2MUyvqFN-DjFQ7u9wy8hnX67VX6hg1OzjoUfKnRwoaK0h6636H2v-Bs36Dar1QthGXsPiJ6LCCMuMmjKh1jldeso2ImA6qw52-C8YMwCiHECmLf7Oi96bWLGx2h39Z3oOdTnSlL6vZwhQN4SgJmu2iYKnGGiG0C5d9HxInuTErD2IGBUwN-YEuIdRP4WYLTtJtnG0P5u18sQwQ0bWrQntReCrMobSWgCpTiepnkq0umQa3goirGiskGg0m5QWi2jq7DjFzfla-VlIaZYknm0eqIyUqHsAHDIZm91cEk0FOQHSCQi9y7HPFG-J5hClvvoWh1NEvK6pcSO7kp_jbSLdSingJZmlwoPN8CSBvfkUXSkaNQNMGUwmVSG454xfbISiqNakGg6Os-xkb6apUB0djZ8mMkayCPE5kfLjpRIWWc7Sn5RQPMQZ-HtY23dRdirDLqOSgjUyP7Z5QkR9bcJXDa1Lq1b5SLiOcnkBw_4zZqoLg1ZYFExHjC_0gxQzKQrNHKqnMw59KDbHxB1AJjbFg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F70F 42 B
64 B 116ms
116ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL-VkTNO7qvaHmc0KGdXdaYOn692Tbz5DpMgqbrj8praa5DEqPfEcjdkFelMGkN13MtQer7j9b1gMTyiqJ_FvbxhqkADP1tL2z59DwAze14n98b9dcUfkOeFknJBsmo8-rkqRsUJ4qRSVnmEY2SKO1HkE25TiN1Cs_EWn-r7LHnzVDbc_anF4y0zY0yIygf7HWHkloFPyf8w1SXY1Iu9RYfijpaEvYwlYwI4VT9vXY4Hde2zj81gvt50TnF5ll_plLCLMxtKOprtha4IJm0AjIwTuDEF6Mz6HPeGxk4JRqZw2JHZfY1BpnVW4c7abWp7i_SV6XlTvvSOFkeMsvl0YPpKCmfXSR4t5SZ7Axsyhx4_IQrHcJznn5WuuS83jpGhhoeko7cpn0CI89I9COiGK5d3s5v7Y0iIwbr_25qBZtG9IutXkXOTCFBqqrfgnn1YBVoU-ItBcUoO3b2JniWoib0XP7mjfz6pDcWX7xkWrMSE3NxJkqNhfy_vkykSOwjHwL9yXjp7wzrn1CdUBjs516Pl0c-tY75f5QXES2FjrHWkwjXkujdVoiyHAj36R5j5-4CproFF5bP2HMu_tGm1xIhsXN2OHV8oPiM7HdcTYnU4grtNIaKX5sd3cHWg33Y1gDfgpOH0yTPU5l9UetfuZhvRwl4-u-ror3BeTfGqzepiwoCgJkXNeyBYZsmD50pJmuexZoNRFiKaB26dBoCjjG_N6XecAYLXUoVFQzCgHDCfwDObwqU60jVNbRyHbbkmK-JJw-q9054QUsrz07AKcZUXA-F6wsGBQQzzVZ2LKjH4dW9vgQBgMitsaBSbehm67Vem2OMABdDBgj6P7gGIKqpDLx2RtL13NEOknE5bGw3C8MQSK-NA15mpRh4pkmjmY76ckBQ9MCmkU84_ieYY7HESLTT6ptin4JpYCVdSdLgk6VOayl4ZbrBYFvcfmWbakO_p1djuQ-AH7Wdq8hEnFakbjLrDOyJK9-p5flNQ-CcJCQb5ofxIIdRi6W-QjEPLVDXXloQ9ocYZQPwXQ-Gzv1cJh8wXgbOaHEGzzGU285ceNp1-OveKc_YJWv15Pnu0Z-UTwbx1qH-KRtB7avEp-jZtI9m5rf4BCu77I&sai=AMfl-YTYprw3HdwqQlVYCheHe9U_1kGWfEA1ig5qEfQk95UuFEjd-lGzHL8drdSOkuZ20EFJwE22U2ZfD30stMeYibwmXGzsdbpSQQ&sig=Cg0ArKJSzFTPf1xsDYt5EAE&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695148996220&rpt=278&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D337 42 B
64 B 150ms
148ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuQSa99f-CX5ZsIvkJoDP0nnH4zxU7ln8KJBHztWaJSeX3Lu_carL21Cc-cj4nye21qp4KwSDF7Zmn38dMiaah_RopeasJ1URo1je51ZZ-3CCA3UVlu3Q56jsiltacwySGpOLNPbbwf8dp5u9pUb3RnFXvQEoXcTNpERTpUyUVYKW8lMoK4mThWK9743ggVwReq7v52cPyX6at4Hz9qezEWcGOYcKAd599Om6bRVUkB_r-m3WWru1UZfUEfNNEl_EFOuu3bQe6NHjM9lgO-9hei8dB5Eq551xnd0b183a4XfHmPsSrWBts5I-vQ2qkUuTyCYtd3Kd3HuKrZXMVyKX9udBcxt2H_VA2q_Bjb75OM9e5N8nts4nRzyXD53BU22Hw_ywyMb0pE6Hd5Mvi3mAXJvBEnRdd4G6ANn6dXl5m_wBYxbAhuyNkxXHLLVa9v_DyeB4bLhpKKZ2exjNdfYtnyQ5o3h7iE-sLPIP-ZccZZRg6dts2CMrfCvyDmCblqIVlBjtj6NabeyUuvVL-kOl3XCACAjvQNDfE9nmisknmO19QBDGBWFY47Ybet_WsfH6_82LfsluCP6XTSpO2Au63CN5T4v6gTU1dmi5gWr67pqGhubvdcghwmDBhe6ZBhS0kpp4zI4fh3tUqjfeTcDaqO_YbHBj27mBNUkqLFHaIsF9hvAlv5oBmLMhqNchSpPtqOdAogOoJge30KCMPQLmyBSdQM8wjMs4bBu9XXmcOyNv728zjz2tiQ2czmFawjCHKHcGlPJWALNo3Kl1kJrGBOnBn3rTRUpTlcRFRCqOWhnOoIdxpJAvkGih-L7Cf2jeuUqC3bimYPaRECoGhnNWcHgFayP6lkbHLM5quX1E3II7vaXFXqTqNX-1ce91fCWjC9ObjJ1m7RoQhoGKffBEPV9CD3P0EBDbBFoTcXS6Z51xIH8xttfcG4s8Bq_be19h32numoeGxW-1-FLpJ8CvzDCvuqE_1RU8yche5a390OFKunqaRKhP_mlHWE54s6PsTfMvjDUGnF-QUZGcsvpbOUA-dkEpyu6o54kynjNLaBpct2K0J-yCmPf2fHle0aw0VJZqvIIalLjl9i7-S5N_lNGljJp-JNExZnZ4&sai=AMfl-YTRrAlflfL5BUUTwGlZHnk4SpwmYJ8U46HvKGq5NHm6w83Bxe5d69M8ggKnHdjUWunQoJjIn7Z5In6dC2KNMIBa8c5UAnJbIA&sig=Cg0ArKJSzLls_Xl1NuOSEAE&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&id=lidar2&mcvt=1010&p=0,0,600,160&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695148996217&rpt=260&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
112ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230918&jk=2892328610694332&bg=!8POl87zNAAbP3fMH7907ADQBe5WfOAt6u_zO2la56Hy718x7xOJvXeK7fNJyTUAk4FbGVJP79XkUIhqZPRGJb3C7BsXZAgAAAg5SAAAAB2gBBwoAiIUKKXE9BS6ydSDZ5wZQk7yxnTxITgso6XwmjFuxuxIR2KEizwmF1FK7MzmxpUKHFtKgoYQUYYSkVvueJeGzQxIRL3s_4Gu21ilTrIFAiGX05z1ALHgZaVwEiA2mtXR5CfubMfM8k7I6LTF2ZM6nVBP7ryGXcUVgxR3-nLD78GAJgqeBcpfvp7eZAr1EPgO1endTngDQ5GNkF6aYFoPn6P1KDPFMRzZugVEtqlIUUCm9Ds0MN-es6DuW4xaIRs68oXih77h0HMG-C9dWOYrrOP_PRmhtK9UUlB0ofh23ZPbqXk2N8W03RZqx4MPZye4qeTOXV-XSwkwWyuAbRC64ySYyFQ8ZW40_7AhtJYno-aXiJExstUFpx35YwiUJqx7DYwDMW5jy8ms-HCBfN_4RxMLO1ofOxnDPSuzNB56RpzwIMxRG_hvn6Os2-xtH_r0rXKl85BpHnzLC28xz6QK8tfr4yIwQsy3A6V_AZ7bpezQamX5QRpLgN_sYIqOME9ITEnF3PHhTgrv9R5EN0LhowZsIFVd--rpqbCz6QQR05T96VMCJmB8_d2awvUQftcLGHp4cIW1QYPR2-dzDNXrYbF7dsNqaDSIfX8HXouE8qqBvZvmJ7nTaOciXc0czih8PkXaaygLSwFN9O_BswY8GGgumKcNb8akmWhvKoVa-DW8kA1su5obtmcDas6P6c39WUzhzRGxnBzgLguNsSzWJuWrgiL3u7mhJzw1L895vY52AjKAfLya46TBHdmrYqKQVn5taHDFYg6kIywt2-G3H1awP_tzpm6eHUm9LnqrZx3DK5aLO35KNlns37S-i5tVPNbfhackz4wUfCwfd4OhNdAXSUSAjj6mTK4_LPj5uxkDXFwaRbfkd1tq4ChvBcjF2zJ06dBmzkbnOXSJd3sFx7nBa2DYD5rBCpP86iZwTG2AQOCEvrzU_gceeRyWhNZsBFoZP8uc-uOJ4g-aJk6hh8hYufkK7t5sWKiGsp6IDGgNWC06MUpSmVHM_xOAcRIu7nbERtXVYBzOMNVlCo_gWxCocKzzdwrJwutI0Aibp0vF3h3g1o70NFfiZRJ5XeI0ipOPubPTGI0X4Mnkp5HLPpqnkv0NQy5Cbiw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.indexwar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 2540 0
17 B 46ms
45ms Ping
image/gif 2a00:1450:4013:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lmqny11l&c=513186256874&slotId=256593128437&qqid=CKDn4o2qt4EDFXPJOwIdbLIACg&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.zx~vil.1i5&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c01::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CDC2 42 B
64 B 113ms
113ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssc8bSzYizvuZ3vSsk8dpIEMTNcIE1850Xpy1XkMxJvr41uYoNav80a3qWHrFG2ujmajDdLmst8ABiJuzCEy0eWz0vlgGC25OYAgcpTvgeICOe85SKLjJkmopf6-v766w3c_GWgqny_nfrg&sai=AMfl-YSxEFpmlgwyqOnSiiwgpo4NzwmHu-x9IwWLd8TbdJsRa4vQkXEcDgs2uqhOJsLyDQfusj4NwCYIUlma&sig=Cg0ArKJSzMGm8L-1N_HNEAE&cid=CAQSGwBpAlJWYqFONCugPKbutJupPwofVkbwPicrFBgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,168,119,377%26tos%3D2003,0,0,0,0%26mtos%3D2003,2003,2003,2003,2003%26amtos%3D0,0,0,0,0%26mcvt%3D2003%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2152%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D55%26pst%3D203%26dur%3D61098%26vmtime%3D2172%26dtos%3D2003%26dtoss%3D1%26dvs%3D2003%26dfvs%3D2003%26dvpt%3D2152%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11248479%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2003&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1695148997468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 18:43:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.indexwar.com/	1970-01-20 23:38:04	Name: HstCfa4804379 Value: 1695148995347
www.indexwar.com/	1970-01-20 23:38:04	Name: HstCla4804379 Value: 1695148995347
www.indexwar.com/	1970-01-20 23:38:04	Name: HstCmu4804379 Value: 1695148995347
www.indexwar.com/	1970-01-20 23:38:04	Name: HstPn4804379 Value: 1
www.indexwar.com/	1970-01-20 23:38:04	Name: HstPt4804379 Value: 1
www.indexwar.com/	1970-01-20 23:38:04	Name: HstCnv4804379 Value: 1
www.indexwar.com/	1970-01-20 23:38:04	Name: HstCns4804379 Value: 1
.indexwar.com/	1970-01-21 00:14:04	Name: __gads Value: ID=3a23f75cfc340e7e-22cadc6a7dde0022:T=1695148995:RT=1695148995:S=ALNI_MZYv1LKxoGF7XLXO96AobsFRzkE-A
.indexwar.com/	1970-01-21 00:14:04	Name: __gpi Value: UID=00000c78fc67d177:T=1695148995:RT=1695148995:S=ALNI_MbqAwoBIqPJSIAnoID0BW9m6U-Z8Q
.doubleclick.net/	1970-01-20 14:52:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:14:04	Name: IDE Value: AHWqTUkvT6ySkv9fmZxnu13xIkmVr8w6WSFqXXgt2GBYzbcUWorp6xhP-Wb_9awH_z0
.doubleclick.net/	1970-01-20 19:11:40	Name: APC Value: AfxxVi7BIXdPaUA7A2nci3_B1pdUhYXO3jkns6WsNZYR2VAV1OVC1g
.googleadservices.com/	1970-01-20 17:02:04	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
anubiswb.github.io
bid.g.doubleclick.net
blogger.googleusercontent.com
cdn.ampproject.org
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.imgur.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-5hne6nzk.c.2mdn.net
s10.histats.com
s4.histats.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.indexwar.com
142.250.184.226
142.250.185.98
142.250.186.34
146.75.120.193
2606:4700:10::6814:91f
2606:50c0:8003::153
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2009
2a00:1450:4001:830::2013
2a00:1450:400e:14::9
2a00:1450:4013:c01::78
54.39.156.32
74.125.133.156
01736a4b70c168ca88d4cf59b9d65ef59015e8d5cafd269a9328349b36aeda85
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07abf627ee6df7ab157a81b61237eae98472114b12d4c0bfe44d78a0d1dc82ad
083209587ddf4c5179ab497a4bce5fa7d786568caf6f6ab2d73a3754ce6cd721
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
123e3d5a277992b89599e8f375fc5382ddaa22b3890d83c220c96b7a16a56f76
16d69f5b90b0be7efcb903c1285dc35bc190275b5106d17cfca88f338fca8013
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21c4889cde15d42a384ad014b91e386510b72620fec99567398a7cde76e4171e
249e9afc1574b1791e14365c176737bd8425771f1740f36cdafe2441d4fea7c3
24aa8a34d64838da936d5c81b1d186cda54646c291f8e89af108123738fc6e7a
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d77a55400572fa1d711c9a56af47d90b810772b7d027e92b4c213d0d34f0c18
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2
4b344321f919f232b7f8aeed4728254cd270e4ec2a7922eaca781cab2aace96c
4cc5b53db1be65ea34adad0c15ef0540f4beac5fdff01e36194b6d551abcea98
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d8a50212ee10bed6f7b0c953cddd312ba89a0b8138f34b144b218f7af26ef1e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6aa1dbe30d83720a5df2ef35ef78cd5abd1451f1d2945d1a85c1056dc7a8a1aa
6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
7d747d0e2e928b47c5727defe8c2d2b74379bec7567fd283763d13dd23ea9ac9
83764d32f03a6d8175167f4a6bbc7e77aafdacb9b4d4bd7f162d45ecb3b9b946
8ab3a8d4b08d504ad5847e8bd132c66e7f0c5822da1895f9be7454a990487e05
8bb6c0eef29e163f071f52bc5b62a79204e83d7ae13d8629037882e55b5e72b1
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
926a75e883b285b483ef3dfab6ef95fac7c805a2dc9b4bbc2cb713fac55f2760
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337
97b47c58e662804749691df086e253e424ffe0b8e6f9a976ff26fe58a29aba8b
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9ff98236780a82e68fa31df898ab49ae16b7e290c8b50ae817d800ec18d53970
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a584b88211de5abf3764f81397ffd690edc8716f6c1a26863f71f115a51e3d65
a5cc4757647ab3d5ede0d9fb0e5f543cc2246c270043cdc5d10b4fb9f8f5d1ea
a8f94c095e4a64e576d0bed9feeb45b04754b7b781109337ac29cfb8e1d23852
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f
ba7e535e38ec1ab8e34ec371525576c91390dd7664745c2a47bd7fbe0dd55271
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
cc9433048d7c5a788369ffeb59e15c25f5f5101d29300b3726222ac609e94236
cdbc437ae4f9682ddb3016e0f10d720fe02ed6f35c5944aae743d71004e7ce1b
cdca760a7bca01496feb63a9326c8bd0206407abc8f55b37751d30f27270910f
d49c1e3a643794375db57ab0f237a97a189577f3e822d8512ed383f95941dde8
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dfea1fbc237b6a04685492aef7707e8ce71dc4863fca1cc1a8e355006e52576b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e812d3af5b1d55163042b0245a4c81705d4f849e48d450e4df1de1589aeedf03
e9b631c2128ecd43a1362d685e9386c45b3f534ee1d75038db99b394667f3616
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.indexwar.com Open in urlscan Pro 2a00:1450:4001:830::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

134 Requests

96 %HTTPS

76 %IPv6

15 Domains

25 Subdomains

25 IPs

5 Countries

1786 kBTransfer

9088 kBSize

13 Cookies

2 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.indexwar.com Open in urlscan Pro
2a00:1450:4001:830::2013 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

96 %
HTTPS

76 %
IPv6

15
Domains

25
Subdomains

25
IPs

5
Countries

1786 kB
Transfer

9088 kB
Size

13
Cookies

134 HTTP transactions
12 data transactions