urlscan.io logo urlscan.io
SecurityTrails logo

login-db.uno Open in urlscan Pro
161.35.181.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.login-db.uno/
Effective URL: https://login-db.uno/
Submission: On October 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 18 domains to perform 66 HTTP transactions. The main IP is 161.35.181.78, located in New York, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is login-db.uno.
TLS certificate: Issued by R3 on October 27th 2021. Valid for: 3 months.
This is the only time login-db.uno was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 161.35.181.78 14061 (DIGITALOC...)
1 172.67.214.69 13335 (CLOUDFLAR...)
1 142.250.186.168 15169 (GOOGLE)
9 142.250.186.66 15169 (GOOGLE)
1 142.250.186.46 15169 (GOOGLE)
11 216.58.212.130 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
3 142.250.74.194 15169 (GOOGLE)
3 142.250.185.234 15169 (GOOGLE)
6 142.250.181.227 15169 (GOOGLE)
11 172.217.18.97 15169 (GOOGLE)
2 142.250.185.226 15169 (GOOGLE)
2 4 142.250.185.100 15169 (GOOGLE)
1 91.228.74.133 16509 (AMAZON-02)
1 1 18.184.251.131 16509 (AMAZON-02)
5 142.250.186.34 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 18.133.3.192 16509 (AMAZON-02)
2 142.250.184.227 15169 (GOOGLE)
66 19
5    161.35.181.78 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
www.login-db.uno
login-db.uno
1    172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
9    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
www.google-analytics.com
11    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
adservice.google.de
3    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
adservice.google.com
3    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
6    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
11    172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googletagservices.com
4    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
1    91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.184.251.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-251-131.eu-central-1.compute.amazonaws.com
d.agkn.com
5    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    35.227.252.103 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    18.133.3.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-3-192.eu-west-2.compute.amazonaws.com
ag.innovid.com
2    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
11 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 pagead2.googlesyndication.com login-db.uno
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 www.gstatic.com googleads.g.doubleclick.net
5 cm.g.doubleclick.net googleads.g.doubleclick.net
4 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 login-db.uno login-db.uno
3 fonts.googleapis.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com login-db.uno
1 use.fontawesome.com login-db.uno
1 www.login-db.uno 1 redirects
66 23

This site contains links to these domains. Also see Links.

Domain
forms.gle
Subject Issuer Validity Valid
login-db.uno
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh

This page contains 12 frames:

Primary Page: https://login-db.uno/
Frame ID: E34DE6D210EA6E1BFED90EDD8AB2C3DC
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 1613650D5732140B1B1E151C83B5EE22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&adk=1812271804&adf=3025194257&lmt=1635334489&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin-db.uno%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334489251&bpp=4&bdt=521&idt=107&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=136427104300&frm=20&pv=2&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=124
Frame ID: 06C456063A803575F3DF1438B6BCC9CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Frame ID: B9E4642839C8C72FB0A3ECBB663EA907
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Frame ID: 96703D73DF063BE06D7012A3ECBFAF91
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 42D1FC5640DC160B1A6A125D6C4128B0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A400AED12CB502305DB7BFD12EEEB005
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 17A2F37CE5DF7F1CF56E04AE0901EC28
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7D036A41A5D6C3BB714264B10C0FEF35
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Frame ID: 57E18CA983DEC39D184F01471F273F9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A42BB56A7BAD7D5F7A67E2BE81317E1D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81B7B906636BC5170DB1BB41D85CDD3B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login Portal Help

Page URL History Show full URLs

  1. https://www.login-db.uno/ HTTP 301
    https://login-db.uno/ Page URL

Page Statistics

66
Requests

92 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

19
IPs

4
Countries

978 kB
Transfer

2856 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.login-db.uno/ HTTP 301
    https://login-db.uno/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 46
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 48
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEAx-BDQVYkDx_UJHdiaBVuQ&google_cver=1&google_push=AYg5qPJFWQq7dnyfMU4eDv75bA_BRANCU3oG3YMkBKNapBuKeULGwe6ITZUNbh8V-IdqbEtro5zWZ2bbU4dkGaj7OLd0w8t1hi2U2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJFWQq7dnyfMU4eDv75bA_BRANCU3oG3YMkBKNapBuKeULGwe6ITZUNbh8V-IdqbEtro5zWZ2bbU4dkGaj7OLd0w8t1hi2U2g&google_hm=Q0FFU0VBeC1CRFFWWWtEeF9VSkhkaWFCVnVR
Request Chain 49
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGs1c4j1UrEOQ-zK_KzRgYs&google_cver=1&google_push=AYg5qPLeD3MWLSpAfqzq6FQwx5JZC0GX_q1MK-n7bqV7glYvBDb-x20rMIvOsR0FmCstETkWRnFAqwTaFHcJ6iLz2_q_KHAyvsR99Q HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGs1c4j1UrEOQ-zK_KzRgYs&google_cver=1&google_push=AYg5qPLeD3MWLSpAfqzq6FQwx5JZC0GX_q1MK-n7bqV7glYvBDb-x20rMIvOsR0FmCstETkWRnFAqwTaFHcJ6iLz2_q_KHAyvsR99Q&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLeD3MWLSpAfqzq6FQwx5JZC0GX_q1MK-n7bqV7glYvBDb-x20rMIvOsR0FmCstETkWRnFAqwTaFHcJ6iLz2_q_KHAyvsR99Q&google_hm=LaUOauqPw4Aq-feFh3_cIA==
Request Chain 50
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEklazbw1sSydVztmRjW5WE&google_cver=1&google_push=AYg5qPKG-YaiwBO4EnaB1mXa596tqCtT_ThFwCMXLuhZmF0VWdWvwI4HEA0cVNZ11rxkU__NcZvtD9VFj8Z2tO4aLgGSJD7GVEoTDg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEklazbw1sSydVztmRjW5WE&google_cver=1&google_push=AYg5qPKG-YaiwBO4EnaB1mXa596tqCtT_ThFwCMXLuhZmF0VWdWvwI4HEA0cVNZ11rxkU__NcZvtD9VFj8Z2tO4aLgGSJD7GVEoTDg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cSbxj6NiQSaG5iDtmJOZhA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKG-YaiwBO4EnaB1mXa596tqCtT_ThFwCMXLuhZmF0VWdWvwI4HEA0cVNZ11rxkU__NcZvtD9VFj8Z2tO4aLgGSJD7GVEoTDg
Request Chain 51
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFfdUHW7A1Q9_Xb6DnntAWo&google_cver=1&google_push=AYg5qPJ-oQg-MkvnIeG-81uSo3Rn427Zc_wnqjT11qBjg8INqPOR5EeyShvyg8NsPic2pJ64Fd1xgHdEHfrCbjnFpF7KlIQ55HEbzg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y5RlhLVUotMUstQjVGVw==&google_push=AYg5qPJ-oQg-MkvnIeG-81uSo3Rn427Zc_wnqjT11qBjg8INqPOR5EeyShvyg8NsPic2pJ64Fd1xgHdEHfrCbjnFpF7KlIQ55HEbzg
Request Chain 52
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login-db.uno/
Redirect Chain
  • https://www.login-db.uno/
  • https://login-db.uno/
36 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-db.uno/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.181.78 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
cdbc107d76b3be4766575a0f07eef45ef9dd0617cb7e30d3f1b59f737c8d9e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx-rc
date
Wed, 27 Oct 2021 11:34:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
br

Redirect headers

server
nginx-rc/1.19.3.2
date
Wed, 27 Oct 2021 11:34:48 GMT
content-type
text/html
content-length
174
location
https://login-db.uno/
main.css
login-db.uno/assets/ 		235 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-db.uno/assets/main.css
Requested by
Host: login-db.uno
URL: https://login-db.uno/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.181.78 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
babe855d1efbfa3f08be7d6c0629da7aab30099baad5ae240ad9c3b13017f1f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 09:11:32 GMT
server
nginx-rc
etag
W/"61236644-3abe5"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000, public
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:34:48 GMT
custom-main.css
login-db.uno/assets/custom/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-db.uno/assets/custom/custom-main.css
Requested by
Host: login-db.uno
URL: https://login-db.uno/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.181.78 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
28d22e66c624c7cacd394669d963f2c394c88b972d7863d8bc6c01285a31f921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 09:11:51 GMT
server
nginx-rc
etag
W/"61236657-1802"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000, public
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:34:48 GMT
all.js
use.fontawesome.com/releases/v5.3.1/js/ 		963 KB
342 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/js/all.js
Requested by
Host: login-db.uno
URL: https://login-db.uno/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb270b4d9485a93b31df98113fda8723ffc067fa7bfa90cedd47b76f7b10be1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1126552
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
3TDE3KHAM41KXCEB
x-amz-id-2
9/Zs4bACe6qmMj648L+MzsGeB0rNH6Ka1yD2YstVW2eGQ9LuuJvXIpiuZnlrhipaiDWURCkoIyg=
last-modified
Wed, 30 Jun 2021 15:42:14 GMT
server
cloudflare
etag
W/"d0482db440697a659af4980d2e841891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tHyqEYD3tAocjh0yZa15sSCyvpgpve0WDhg9QsN4bQ35O40yiXwEQfdwOsVbPnqoc5vQ9ffdzCBfYMxhGQvXpq4m%2BHWTAbSt5o2Ym8bCv7TQB%2BEdWeAX%2BDpGItIk1fN5tS8M1OU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31556926
cf-ray
6a4b9e0dea2c6fd1-IAD
js
www.googletagmanager.com/gtag/ 		124 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RLHH6FDTQ9
Requested by
Host: login-db.uno
URL: https://login-db.uno/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
79a6891d13e83c50de2d34bbb65714e2ae8e50603da50ba5e660aac3a5945426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
49396
x-xss-protection
0
expires
Wed, 27 Oct 2021 11:34:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: login-db.uno
URL: https://login-db.uno/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
27dfa43eaba35b1bdc31ec724340bef322a4f367a441b21f96162fb0bda2fbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51439
x-xss-protection
0
server
cafe
etag
17132956625769154227
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 11:34:49 GMT
bootstrap.js
login-db.uno/assets/ 		123 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-db.uno/assets/bootstrap.js
Requested by
Host: login-db.uno
URL: https://login-db.uno/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.181.78 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
8d4dd33abfe49fce190971d45ac36dd0380882605828a5ce8099181ec93a6709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 09:11:31 GMT
server
nginx-rc
etag
W/"61236643-1eb97"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000, public
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:34:48 GMT
collect
www.google-analytics.com/g/ 		0
316 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RLHH6FDTQ9&gtm=2oeak0&_p=1430357234&sr=1600x1200&ul=en-us&cid=1273937453.1635334489&_s=1&dl=https%3A%2F%2Flogin-db.uno%2F&dt=Login%20Portal%20Help&sid=1635334489&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLHH6FDTQ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login-db.uno/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login-db.uno
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 11:34:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 1613 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 27 Oct 2021 04:50:41 GMT
expires
Wed, 10 Nov 2021 04:50:41 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
24248
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cookie.js
partner.googleadservices.com/gampad/ 		202 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=login-db.uno&callback=_gfp_s_&client=ca-pub-9155004501226419
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
759f1f22a6ca0e1f259ffae9b098e622947676145dee71f137a8c2c245165340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=login-db.uno
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 11:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=login-db.uno
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 11:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 06C4 		133 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&adk=1812271804&adf=3025194257&lmt=1635334489&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin-db.uno%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334489251&bpp=4&bdt=521&idt=107&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=136427104300&frm=20&pv=2&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
bc978f1ff748b8409ac315444e673f1fbf4849e7488e4fbcac8f8b26ac7c1ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 27 Oct 2021 11:34:50 GMT
server
cafe
content-length
32043
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 27 Oct 2021 11:34:50 GMT
cache-control
private
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ 		143 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a92f4e0e6359374bf1da61525973ba062952489af08cc7cb2a32fe693f757d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
52847
x-xss-protection
0
server
cafe
etag
14086096054196716776
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 11:34:50 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=login-db.uno
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 11:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=login-db.uno
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 11:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B9E4 		91 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
2ec0330d30ce7b483114e85b05019ff06f09d598eb8f1acdc9b9dc0c9dbd9593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 27 Oct 2021 11:34:50 GMT
server
cafe
content-length
31968
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 27 Oct 2021 11:34:50 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=login-db.uno
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 11:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=login-db.uno
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 11:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/ Frame 9670 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 26 Oct 2021 12:01:23 GMT
expires
Tue, 09 Nov 2021 12:01:23 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
84807
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
css2
fonts.googleapis.com/ Frame 9670 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 09:49:32 GMT
server
ESF
date
Wed, 27 Oct 2021 11:34:50 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 27 Oct 2021 11:34:50 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9670 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:22:03 GMT
x-content-type-options
nosniff
age
90767
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 26 Oct 2022 10:22:03 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9670 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 13:01:21 GMT
x-content-type-options
nosniff
age
81209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 26 Oct 2022 13:01:21 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 9670 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7873
x-xss-protection
0
server
cafe
etag
16040667361225943213
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:27:25 GMT
css
fonts.googleapis.com/ Frame 42D1 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 09:48:59 GMT
server
ESF
date
Wed, 27 Oct 2021 11:34:50 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 27 Oct 2021 11:34:50 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 42D1 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:33:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 42D1 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:30:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 42D1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:33:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42D1 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635161763799786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Oct 2021 11:34:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 42D1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:33:18 GMT
9a3fbb06dccc6bd708ce8a7c18eecc3a.js
www.gstatic.com/mysidia/ Frame 42D1 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11281
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 12:30:39 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A400 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 27 Oct 2021 10:37:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
si
googleads.g.doubleclick.net/pagead/drt/ Frame A400
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 27 Oct 2021 11:34:50 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 27 Oct 2021 11:34:50 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 27 Oct 2021 11:34:50 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fc1a83b05116a3404e5ea11a6cf94b59.js
www.gstatic.com/mysidia/ Frame B9E4 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fc1a83b05116a3404e5ea11a6cf94b59.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
056220caa42baa199898a53a29b2ae6ac682c388dc2b9d6c5d6837dac2a9492c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
477585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3265
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 22:55:05 GMT
b2db7898b7f1b584d1a212b8dce47919.js
www.gstatic.com/mysidia/ Frame B9E4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b2db7898b7f1b584d1a212b8dce47919.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
9ec480bd89e160fa31d6851ad01df733db86eaa51a1e90e25a5870823709a7fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 20:25:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 09:57:40 GMT
css
fonts.googleapis.com/ Frame B9E4 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 11:20:15 GMT
server
ESF
date
Wed, 27 Oct 2021 11:34:50 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 27 Oct 2021 11:34:50 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame B9E4 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:33:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame B9E4 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:30:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame B9E4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:33:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B9E4 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635161763799786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Oct 2021 11:34:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame B9E4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 11:33:18 GMT
l
www.google.com/ads/measurement/ Frame B9E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOAya4j7NDVbYYrvUVDuqkkh1m7OMQx4X6AZ2mRnUtCElCzb0BwDH2nWM6iRwSUtSa1ILO3MEu0_XZ8aWbHJXx6Q__mQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
9a3fbb06dccc6bd708ce8a7c18eecc3a.js
www.gstatic.com/mysidia/ Frame B9E4 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 12:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11281
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:51:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 19 Jan 2022 12:30:39 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B9E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CaPUnWjl5YbPvCZLKx_AP4I6HiA_xjdf7ZdWH7N_jDsCNtwEQASDBzZ-EAWCV4pCCoAegAf-tvI8ByAEBqAMByAPLBKoE1QFP0Maw9VjRqLkKzS-WIobFlYwOB6z7pwZOjJDthUZR9yPDN7phiiiHeEdKg-0ouVCe6mUsOWSF7pV7mnvPmEOLCbzacm8mBuUlZGYk6cC4RYtYZugJ145aRdzfCkLW0CxUDJhncjcIovK-rfEQ7Y72tpzDKDyLEs6G_jY4oa2ZlfiaQObWcRAxIs7aOMh5Yo3RcDi-kwoud2QjaIt0nx8zGaYeky7eYoiwc1i1ZAlzL_4X14NVBBkUFXCqV36sJePNQgwGDmBZKiBxjWasnzVHk0PSPdHABMbX_ofbA4AH6dHD8AKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ5ucW0ggJCIDhgBAQARhfgAoByAsB2BMDiBQB0BUBgBcBshccChoIABIUcHViLTkxNTUwMDQ1MDEyMjY0MTkYAA&sigh=0ZxeXbNkanQ&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 27 Oct 2021 11:34:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 17A2 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 27 Oct 2021 10:37:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7D03 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 27 Oct 2021 08:58:57 GMT
expires
Thu, 28 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
9353
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
si
googleads.g.doubleclick.net/pagead/drt/ Frame 17A2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 27 Oct 2021 11:34:50 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 27 Oct 2021 11:34:50 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 27 Oct 2021 11:34:50 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame 7D03 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENA9gNqHP5gqlnOUz-IkOv4&google_cver=1&google_push=AYg5qPLhtJiczkyzObiDc0BSeaUe1AptLzXzqeRSahkqHX_OKADERKmyGgukM5Y65ZmcBZxh6o0zKYaVlIciS_5nlk2qxZGAPg05vA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7D03
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEAx-BDQVYkDx_UJHdiaBVuQ&google_cver=1&google_push=AYg5qPJFWQq7dnyfMU4eDv75bA_BRANCU3oG3YMkBKNapBuKeULGwe6ITZUNbh8V-IdqbEtro5zWZ2bbU4dkGaj7OLd0w8t1hi2U2g
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJFWQq7dnyfMU4eDv75bA_BRANCU3oG3YMkBKNapBuKeULGwe6ITZUNbh8V-IdqbEtro5zWZ2bbU4dkGaj7OLd0w8t1hi2U2g&google_hm=Q0FFU0VBeC1CRFFWWWt...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJFWQq7dnyfMU4eDv75bA_BRANCU3oG3YMkBKNapBuKeULGwe6ITZUNbh8V-IdqbEtro5zWZ2bbU4dkGaj7OLd0w8t1hi2U2g&google_hm=Q0FFU0VBeC1CRFFWWWtEeF9VSkhkaWFCVnVR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 11:34:50 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJFWQq7dnyfMU4eDv75bA_BRANCU3oG3YMkBKNapBuKeULGwe6ITZUNbh8V-IdqbEtro5zWZ2bbU4dkGaj7OLd0w8t1hi2U2g&google_hm=Q0FFU0VBeC1CRFFWWWtEeF9VSkhkaWFCVnVR
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7D03
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGs1c4j1UrEOQ-zK_KzRgYs&google_cver=1&google_push=AYg5qPLeD3MWLSpAfqzq6FQwx5JZC0GX_q1MK-n7bqV7glYvBDb-x20rMIvOsR0FmCstETkWRnFAqwTaFHcJ6iLz2_q_KHAyvsR99Q
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGs1c4j1UrEOQ-zK_KzRgYs&google_cver=1&google_push=AYg5qPLeD3MWLSpAfqzq6FQwx5JZC0GX_q1MK-n7bqV7glYvBDb-x20rMIvOsR0FmCstETkWRnFAqwTaFHcJ6iLz2_q_KHAyvsR99...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLeD3MWLSpAfqzq6FQwx5JZC0GX_q1MK-n7bqV7glYvBDb-x20rMIvOsR0FmCstETkWRnFAqwTaFHcJ6iLz2_q_KHAyvsR99Q&google_hm=LaUOauqPw4Aq-feFh3_cIA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLeD3MWLSpAfqzq6FQwx5JZC0GX_q1MK-n7bqV7glYvBDb-x20rMIvOsR0FmCstETkWRnFAqwTaFHcJ6iLz2_q_KHAyvsR99Q&google_hm=LaUOauqPw4Aq-feFh3_cIA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:50 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLeD3MWLSpAfqzq6FQwx5JZC0GX_q1MK-n7bqV7glYvBDb-x20rMIvOsR0FmCstETkWRnFAqwTaFHcJ6iLz2_q_KHAyvsR99Q&google_hm=LaUOauqPw4Aq-feFh3_cIA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
9sgggr74bqg65g4tsb4b0qj3v4lur6vn
pixel
cm.g.doubleclick.net/ Frame 7D03
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cSbxj6NiQSaG5iDtmJOZhA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cSbxj6NiQSaG5iDtmJOZhA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKG-YaiwBO4EnaB1mXa596tqCtT_ThFwCMXLuhZmF0VWdWvwI4HEA0cVNZ11rxkU__NcZvtD9VFj8Z2tO4aLgGSJD7GVEoTDg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cSbxj6NiQSaG5iDtmJOZhA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKG-YaiwBO4EnaB1mXa596tqCtT_ThFwCMXLuhZmF0VWdWvwI4HEA0cVNZ11rxkU__NcZvtD9VFj8Z2tO4aLgGSJD7GVEoTDg
date
Wed, 27 Oct 2021 11:34:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7D03
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFfdUHW7A1Q9_Xb6DnntAWo&google_cver=1&google_push=AYg5qPJ-oQg-MkvnIeG-81uSo3Rn427Zc_wnqjT11qBjg8INqPOR5EeyShvyg8NsPic2pJ64Fd1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y5RlhLVUotMUstQjVGVw==&google_push=AYg5qPJ-oQg-MkvnIeG-81uSo3Rn427Zc_wnqjT11qBjg8INqPOR5EeyShvyg8NsPic2pJ64Fd1xgHdEHfrCbjnFpF7KlIQ55HEbzg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y5RlhLVUotMUstQjVGVw==&google_push=AYg5qPJ-oQg-MkvnIeG-81uSo3Rn427Zc_wnqjT11qBjg8INqPOR5EeyShvyg8NsPic2pJ64Fd1xgHdEHfrCbjnFpF7KlIQ55HEbzg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y5RlhLVUotMUstQjVGVw==&google_push=AYg5qPJ-oQg-MkvnIeG-81uSo3Rn427Zc_wnqjT11qBjg8INqPOR5EeyShvyg8NsPic2pJ64Fd1xgHdEHfrCbjnFpF7KlIQ55HEbzg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7D03
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdF...
0
0
trk
ag.innovid.com/ Frame 7D03 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESELB3ySIt_HKR1igzzUScBxI&google_cver=1&google_push=AYg5qPJuvd0DJkgJvs2_0LFLE23fLWxGtlShLOtTqJwauAJO6FMxCQRv6ISQYm3UOT6nFO_j3DMVkKP0wQVD8VpdGW6GbZBAFDkPYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.3.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-3-192.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:50 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 7D03 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KAPOLrEYbrVyD9ETc9EcZgqzvwwouHatAfmK9e8YkKyWNzgbFT5IdnXzfs2oHg_ay2Gkr3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame B9E4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0fda34d07c040c53f757280bfb529b5ea7105902d2759fcbdc599661c41ae73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B9E4 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:15:39 GMT
x-content-type-options
nosniff
age
551951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 02:15:39 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B9E4 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:21:26 GMT
x-content-type-options
nosniff
age
148404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 25 Oct 2022 18:21:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
00fa9657a64eba0e20f03f249dc0fb069345d52feca662cfeed864d1f2d562bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 11:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8592
x-xss-protection
0
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 57E1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9155004501226419&output=html&h=280&adk=4070374814&adf=2289084161&pi=t.aa~a.1679751919~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1635334490&rafmt=1&to=qs&pwprc=4725685966&psa=0&format=1200x280&url=https%3A%2F%2Flogin-db.uno%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635334490062&bpp=3&bdt=1332&idt=3&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df9bde11617afce31-2256f4d200cb0095%3AT%3D1635334489%3ART%3D1635334489%3AS%3DALNI_MZxSF06UWFtKBbhqYathQdAirYrcA&prev_fmts=0x0&nras=2&correlator=136427104300&frm=20&pv=1&ga_vid=1273937453.1635334489&ga_sid=1635334489&ga_hid=1430357234&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752093%2C31062423%2C31063300%2C31062525%2C31063183&oid=2&pvsid=1014939342247334&pem=5&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ut8To2013s&p=https%3A//login-db.uno&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 09:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
7741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 27 Oct 2022 09:25:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9155004501226419&plah=login-db.uno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 27 Oct 2021 11:34:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A42B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 27 Oct 2021 11:30:22 GMT
expires
Thu, 27 Oct 2022 11:30:22 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 81B7 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
7b757ef108154b0dfb4031c15fbdeb36886566fbad6de655ff2b627909bbc750
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eOyhulcx/39mOJYM0tNcPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 27 Oct 2021 11:34:51 GMT
date
Wed, 27 Oct 2021 11:34:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-eOyhulcx/39mOJYM0tNcPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame A42B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 09:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
7741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 27 Oct 2022 09:25:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 81B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=1014939342247334&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=1014939342247334&bg=!zM-lz4vNAAbUs_yW1LM7ACkAdvg8Wgs3dWcJvNwLdY10zKUON2WsXDU2UwWIW_XYvywlnF5dRX2HsgIAAABlUgAAAAdoAQeZAsLbV6Y6q77pdJ5AcHswfGWqqSBfjqIe-TuiOmgsuQSRW2G1anmlxJTf1q7Fi78s208p7ixf9Kf2A8M2RnT0k7Y8wgYRcwF4PzIDFcUZXlOYwm-fusF_Al6k4b_wKbGwvnxJOwEoKCc_nvg9wE9pp_AThFkh035woyWRQtfSjv8kAfJq95myNavMQ6hgiWZbqAlfaCXSnp1Uzoi0WtCLxWRRxoypwVWPGGT0Zgu9G5s4IgC2AXysDuOmcJRk9OhwAVs4yiJ-ntBUXsQKUv4FJgwgBlsi9EMRcAjklKIxMk42PvDmr8bBKdcjGPtrK4MGrGVLZWKA22uXpW3B6hzN028HPCCQsiJb5Dj5NIT93bh5qwQJf-Dp02m8Rlq50XrRhi_IJoN-kztUjeQ_D7PT-ooayCFdFaP16UVAi0x0PctzLy8ykiagYbvNAhO95fAtTbzV9n9Hf65JaJDCXVIBoeer-7K5IzAzo7taEox4pwoCzuSUmZUeuaSQJbDGFkI243UgxvxLIyzH4Adgzo3zWq7johSCQtuNXgQazDRlL9UXUXZqugdneyjsN8PS2qBdkuwjpvb6KcARq3B6pxbErEdmrfR9YCm0H45j_fHB6dFG_DnnG8SCX-veVq98WeDOPLzyEzIkXG5L7qXquuYnPbTBUdyWC6fXQORNmHWymr5rHaQF_Oi5ekKrEfVcIPBcB6yAsLn92dV3Kk9qF3-_GhAVRVrBcFyb8jTKsvEuB5mswPuFSwWC5Z4MgXn_wg7PrlP0qhhAQTR87ERNBScdapj8Y_hf2OmpiurRFAzwdPAmZYBmk_Y7W8wJLfDZkqQgL6J1lL1T6CPEDddsqMfAlmiwIygvEJ1eYFbFqqj66ZYXtLFzfehb1FbMcjiMd39SVXnUW7JG7COtC4q7PfiP9XUj8VXUW8Dqs8gqQ0ruF_K2r-X7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login-db.uno/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 11:34:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer object| acc function| api function| onSelect undefined| RingMultiLang function| $ function| jQuery function| lazyload function| LazyLoad function| QRious function| bulmahead object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| google_llp number| google_lpabyc object| googletag object| GoogleGcLKhOms object| google_image_requests

17 Cookies

Domain/Path Name / Value
.login-db.uno/ Name: _ga_RLHH6FDTQ9
Value: GS1.1.1635334489.1.0.1635334489.0
.login-db.uno/ Name: _ga
Value: GA1.1.1273937453.1635334489
.login-db.uno/ Name: __gads
Value: ID=f9bde11617afce31-2256f4d200cb0095:T=1635334489:RT=1635334489:S=ALNI_MZxSF06UWFtKBbhqYathQdAirYrcA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmuyX2AQZT1r46_qNb2sdYIMZZvrWSobhFR3M7qdDPEXZZvvk3ecTm8rwUa
.quantserve.com/ Name: d
Value: EHYBCQHKJIEA
.quantserve.com/ Name: mc
Value: 6179395a-c8707-d4d94-cf10b
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.agkn.com/ Name: ab
Value: 0001%3ALKeXnSN%2BI6iUBT4Kdoc1sNHvGfYdPovD
.agkn.com/ Name: u
Value: C|0CEApC_XaKQv12gAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/ Name: CMID
Value: YXk5Wrs9PjEE68AjQgAH.gAA
.casalemedia.com/ Name: CMPS
Value: 3222
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7126F18F-A362-4126-86E6-20ED98939984
.casalemedia.com/ Name: CMPRO
Value: 1192
.casalemedia.com/ Name: CMST
Value: YXk5WmF5OVoA
.openx.net/ Name: i
Value: 215fbb0f-ea8e-4559-965b-73da3041d567|1635334490
.innovid.com/ Name: uuid
Value: dca78dde-3f3c-4a1c-a53e-3866ce55b99c-20211027 07:34:50

1 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXk5Wrs9PjEE68AjQgAH-gAABKgAAAIB&google_cver=1&google_push=AYg5qPK9XywupqTNqSvcfC9JVxCN6pJY0xDVWomSLdzvOxUoiXyPnQ-IDFZMCQS3ecwrL1No4BdFufEjnj8UKlFFxObVOE5KoVlhcg&google_gid=CAESEKfYUgsbY3vRywpP1NDbEmE
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
login-db.uno
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.login-db.uno
cm.g.doubleclick.net
142.250.181.227
142.250.184.227
142.250.185.100
142.250.185.130
142.250.185.226
142.250.185.234
142.250.186.162
142.250.186.168
142.250.186.34
142.250.186.46
142.250.186.66
142.250.74.194
161.35.181.78
172.217.18.97
172.67.214.69
18.133.3.192
18.184.251.131
198.47.127.19
216.58.212.130
35.227.252.103
69.173.144.139
91.228.74.133
00fa9657a64eba0e20f03f249dc0fb069345d52feca662cfeed864d1f2d562bc
056220caa42baa199898a53a29b2ae6ac682c388dc2b9d6c5d6837dac2a9492c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
27dfa43eaba35b1bdc31ec724340bef322a4f367a441b21f96162fb0bda2fbc9
28d22e66c624c7cacd394669d963f2c394c88b972d7863d8bc6c01285a31f921
2ec0330d30ce7b483114e85b05019ff06f09d598eb8f1acdc9b9dc0c9dbd9593
3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
759f1f22a6ca0e1f259ffae9b098e622947676145dee71f137a8c2c245165340
79a6891d13e83c50de2d34bbb65714e2ae8e50603da50ba5e660aac3a5945426
7b757ef108154b0dfb4031c15fbdeb36886566fbad6de655ff2b627909bbc750
8cb270b4d9485a93b31df98113fda8723ffc067fa7bfa90cedd47b76f7b10be1
8d4dd33abfe49fce190971d45ac36dd0380882605828a5ce8099181ec93a6709
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ec480bd89e160fa31d6851ad01df733db86eaa51a1e90e25a5870823709a7fd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a92f4e0e6359374bf1da61525973ba062952489af08cc7cb2a32fe693f757d7f
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
babe855d1efbfa3f08be7d6c0629da7aab30099baad5ae240ad9c3b13017f1f9
bc978f1ff748b8409ac315444e673f1fbf4849e7488e4fbcac8f8b26ac7c1ac9
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cdbc107d76b3be4766575a0f07eef45ef9dd0617cb7e30d3f1b59f737c8d9e7d
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
e0fda34d07c040c53f757280bfb529b5ea7105902d2759fcbdc599661c41ae73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829