www.safetyml.com Open in urlscan Pro
192.185.166.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.safetyml.com/
Submission: On September 15 via automatic, source certstream-suspicious (September 15th 2021, 12:43:49 pm UTC) — Scanned from DE

Summary HTTP 50 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 11 domains to perform 50 HTTP transactions. The main IP is 192.185.166.156, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.safetyml.com.
TLS certificate: Issued by R3 on July 16th 2021. Valid for: 3 months.

This is the only time www.safetyml.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	192.185.166.156 192.185.166.156	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
4	192.185.166.16 192.185.166.16	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	216.58.212.206 216.58.212.206	15169 (GOOGLE) (GOOGLE)
13	142.250.187.226 142.250.187.226	15169 (GOOGLE) (GOOGLE)
3	142.250.200.10 142.250.200.10	15169 (GOOGLE) (GOOGLE)
6	142.250.187.227 142.250.187.227	15169 (GOOGLE) (GOOGLE)
1	142.250.200.34 142.250.200.34	15169 (GOOGLE) (GOOGLE)
1	172.217.16.226 172.217.16.226	15169 (GOOGLE) (GOOGLE)
2	142.250.200.2 142.250.200.2	15169 (GOOGLE) (GOOGLE)
7	172.217.16.225 172.217.16.225	15169 (GOOGLE) (GOOGLE)
1	216.58.212.196 216.58.212.196	15169 (GOOGLE) (GOOGLE)
50	12

10 192.185.166.156 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: ns1736.websitewelcome.com

www.safetyml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.185.166.16 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-166-16.unifiedlayer.com

pivotpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.206 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s27-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.187.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.200.10 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.187.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.200.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.200.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.225 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.196 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s21-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	245 KB
10	safetyml.com www.safetyml.com	543 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	101 KB
4	doubleclick.net googleads.g.doubleclick.net	30 KB
4	pivotpt.com pivotpt.com	527 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	268 B
50	11

	Domain	Requested by
10	www.safetyml.com	www.safetyml.com
8	pagead2.googlesyndication.com	www.safetyml.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	pivotpt.com	www.safetyml.com
3	fonts.googleapis.com	www.safetyml.com googleads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.safetyml.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
50	14

This site contains links to these domains. Also see Links.

Domain
safetyml.com
pivotpt.com
en.wikipedia.org
sebokwiki.org
de.wikipedia.org
mbse.works

Subject Issuer	Validity	Valid
safetyml.com R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
consulting.pivotpt.com R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.safetyml.com/
Frame ID: 4BA08F8A4204D2B3AB59D451F211ABF2
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 0E84AEE671B6DCE18B099892775F098D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4503054387132604&output=html&h=280&slotname=1227520675&adk=4207216397&adf=197352427&pi=t.ma~as.1227520675&w=956&fwrn=4&fwrnh=100&lmt=1568275797&rafmt=1&psa=0&format=956x280&url=https%3A%2F%2Fwww.safetyml.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631709823628&bpp=5&bdt=601&idt=95&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=1316164117773&frm=20&pv=2&ga_vid=386312749.1631709824&ga_sid=1631709824&ga_hid=31793754&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=322&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062518%2C31062297&oid=3&pvsid=58770996139610&pem=974&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZZI7O12Hgy&p=https%3A//www.safetyml.com&dtd=111
Frame ID: 4CD04CBDA1CC34A1A5D99AE7F6219614
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4503054387132604&output=html&adk=1812271804&adf=3025194257&lmt=1568275797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.safetyml.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631709823779&bpp=2&bdt=752&idt=2&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=956x280&nras=1&correlator=1316164117773&frm=20&pv=1&ga_vid=386312749.1631709824&ga_sid=1631709824&ga_hid=31793754&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062518%2C31062297&oid=3&pvsid=58770996139610&pem=974&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11
Frame ID: E11EB5758119FEC47671211A6EFA7DEE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: DBF21F9332EED3D6E56781AA0F46FAB1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7AE9897F8228DD34CD2EB6CE04C317B6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 180A78ADD7A33AD95068ABFCB39D512A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafetyML: Safety Modeling Language for Safety-Critical Apps

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

12
IPs

1
Countries

1537 kB
Transfer

2546 kB
Size

5
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://safetyml.com/
Title: SafetyML.com

Search URL Search Domain Scan URL

URL: http://pivotpt.com/training/custom/mbfs-safetyml/

Search URL Search Domain Scan URL

URL: https://pivotpt.com/training/cyber/

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/V-Model
Title: System V-Model (a.k.a. System Vee Model)

Search URL Search Domain Scan URL

URL: http://sebokwiki.org/wiki/System_Life_Cycle_Process_Models:_Vee
Title: "left side" of the System-V Model

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/ISO_26262
Title: ISO 26262

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/DO-178C
Title: DO-178-C

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/ISO_14971
Title: ISO 14971

Search URL Search Domain Scan URL

URL: https://de.wikipedia.org/wiki/EN_50128
Title: EN 50128

Search URL Search Domain Scan URL

URL: http://mbse.works/mbse-overview/
Title: Model-Based Systems Engineering (MBSE) using SysML

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Functional_safety
Title: Functional Safety

Search URL Search Domain Scan URL

URL: http://pivotpt.com/about/people/cris-kobryn-bio.html
Title: Cris Kobryn

Search URL Search Domain Scan URL

URL: https://pivotpt.com/about/contact/
Title: PivotPoint Technology™

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.safetyml.com/ 33 KB
11 KB 433ms
142ms Document
text/html 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: 48ac8d8a51bf8cf9bc66f122957d7b1e9173b42b67519372ffa176bec41efdcb

Request headers

:method: GET
:authority: www.safetyml.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Sep 2021 12:43:42 GMT
server: Apache
last-modified: Thu, 12 Sep 2019 08:09:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10741
content-type: text/html

GET
H2 200 consolidated.css
www.safetyml.com/rw_common/themes/foundation/ 218 KB
43 KB 368ms
367ms Stylesheet
text/css 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/rw_common/themes/foundation/consolidated.css
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: 624242ac0854f320d5ecc127944303fd671b09caef14b561fbf7af039c6aff80

Request headers

:path: /rw_common/themes/foundation/consolidated.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.safetyml.com
referer: https://www.safetyml.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 08:09:55 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 stacks.css
www.safetyml.com/rw_common/plugins/stacks/ 2 KB
564 B 139ms
138ms Stylesheet
text/css 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/rw_common/plugins/stacks/stacks.css
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: ab7bad3e49f2a03f26633df681f054a9f4ede20ed5ec2b9f954fd6538327f7e6

Request headers

:path: /rw_common/plugins/stacks/stacks.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.safetyml.com
referer: https://www.safetyml.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 08:09:50 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 479

GET
H2 200 stacks_page_page0.css
www.safetyml.com/index_files/ 95 KB
15 KB 274ms
273ms Stylesheet
text/css 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/index_files/stacks_page_page0.css
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: 4c1f3940355908364812467b37387fedee239854c951aa8a38c2e61a4468aad6

Request headers

:path: /index_files/stacks_page_page0.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.safetyml.com
referer: https://www.safetyml.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 08:09:57 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 15396

GET
H2 200 jquery-2.2.4.min.js Show response
www.safetyml.com/rw_common/plugins/stacks/ 84 KB
37 KB 275ms
274ms Script
application/javascript 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/rw_common/plugins/stacks/jquery-2.2.4.min.js
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

:path: /rw_common/plugins/stacks/jquery-2.2.4.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.safetyml.com
referer: https://www.safetyml.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 08:09:51 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 font-awesome.min.css
www.safetyml.com/rw_common/plugins/stacks/ 30 KB
7 KB 141ms
140ms Stylesheet
text/css 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/rw_common/plugins/stacks/font-awesome.min.css
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: fd00bbafd075c724d48213b6ad9f6091984ab5ada86a11f77241f316ce25cf19

Request headers

:path: /rw_common/plugins/stacks/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.safetyml.com
referer: https://www.safetyml.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 08:09:47 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7106

GET
H2 200 stacks_page_page0.js Show response
www.safetyml.com/index_files/ 29 KB
11 KB 142ms
141ms Script
application/javascript 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/index_files/stacks_page_page0.js
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: 0dcb523a2ad992fd5888295e9568b5a15abec3ed4ad49d4cbaac6b77b871cf74

Request headers

:path: /index_files/stacks_page_page0.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.safetyml.com
referer: https://www.safetyml.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 08:09:52 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 10664

GET
H2 200 SafetyML-Logo-Trimmed-170611A.png
www.safetyml.com/rw_common/images/ 297 KB
299 KB 144ms
144ms Image
image/png 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safetyml.com/rw_common/images/SafetyML-Logo-Trimmed-170611A.png
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: cae49cade8ecdee7e17f9a783f1523b46a9def33941de98954db862d5bfed510

Request headers

:path: /rw_common/images/SafetyML-Logo-Trimmed-170611A.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.safetyml.com
referer: https://www.safetyml.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
last-modified: Thu, 12 Sep 2019 08:09:51 GMT
server: Apache
accept-ranges: bytes
content-length: 303956
content-type: image/png

GET
H2 200 Safety-Logo-400x400.png
pivotpt.com/.res/images/ 136 KB
137 KB 1073ms
244ms Image
image/png 192.185.166.16
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pivotpt.com/.res/images/Safety-Logo-400x400.png
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.16 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-166-16.unifiedlayer.com
Software: Apache /
Resource Hash: 54c378a3dc762c7d1ef4b344ba8fe84fcc0b2a23d1bc6ff68ab02fb19ce6a038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
last-modified: Sun, 17 Mar 2019 07:04:17 GMT
server: Apache
accept-ranges: bytes
content-length: 139195
content-type: image/png

GET
H2 200 SafetyML-Logo.png
pivotpt.com/.res/images/ 192 KB
194 KB 956ms
128ms Image
image/png 192.185.166.16
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pivotpt.com/.res/images/SafetyML-Logo.png
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.16 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-166-16.unifiedlayer.com
Software: Apache /
Resource Hash: 8e8b0bca9732f6d367ded81968fbb77290aa43fd2fe8c77fcc5b8b587c5f3b3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
last-modified: Sun, 17 Mar 2019 07:04:20 GMT
server: Apache
accept-ranges: bytes
content-length: 196746
content-type: image/png

GET
H2 200 MBSE-Logo-400x400.png
pivotpt.com/.res/images/ 59 KB
59 KB 957ms
128ms Image
image/png 192.185.166.16
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pivotpt.com/.res/images/MBSE-Logo-400x400.png
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.16 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-166-16.unifiedlayer.com
Software: Apache /
Resource Hash: 1caff32cf0f5ed6aaf9d52c765a2e810e0b66e9ce21ead41469b17d4da001a12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
last-modified: Sun, 17 Mar 2019 07:04:19 GMT
server: Apache
accept-ranges: bytes
content-length: 60088
content-type: image/png

GET
H2 200 Cyber-Logo-400x400.png
pivotpt.com/.res/images/ 137 KB
138 KB 957ms
128ms Image
image/png 192.185.166.16
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pivotpt.com/.res/images/Cyber-Logo-400x400.png
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.16 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-166-16.unifiedlayer.com
Software: Apache /
Resource Hash: bb88dd85bcb2507773482ea00eaa8f0bb39b8e49391f51c3579842f78a3307ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
last-modified: Sun, 17 Mar 2019 07:04:21 GMT
server: Apache
accept-ranges: bytes
content-length: 140051
content-type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 105ms
33ms Script
text/javascript 216.58.212.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.safetyml.com
URL: https://www.safetyml.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.206 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s27-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3694
date: Wed, 15 Sep 2021 11:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 13:42:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 93ms
38ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.safetyml.com
URL: https://www.safetyml.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

bee58afdc397eb6599b9e916b8c58204daf8fbcea2752867581f3eceae78b7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48958
x-xss-protection: 0
server: cafe
etag: 13293848612031183406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 12:43:43 GMT

GET
H2 200 foundation.min.js Show response
www.safetyml.com/rw_common/themes/foundation/ 125 KB
44 KB 150ms
149ms Script
application/javascript 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/rw_common/themes/foundation/foundation.min.js
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: d4cd7bda4c529b5312184b87f605b88fe893e0d12918dce2f42cd1a1a47b04dc

Request headers

:path: /rw_common/themes/foundation/foundation.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.safetyml.com
referer: https://www.safetyml.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 08:09:55 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 85ms
29ms Stylesheet
text/css 142.250.200.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:300,400,600,400

Requested by

Host: www.safetyml.com
URL: https://www.safetyml.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f10.1e100.net

Software

ESF /

Resource Hash

b25a979b1ecc03c7032dd966b2bcc6cdf1be8751f890d3aac54cfafb87593d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 12:43:43 GMT
server: ESF
date: Wed, 15 Sep 2021 12:43:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 12:43:43 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 99ms
45ms Font
font/woff2 142.250.187.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:300,400,600,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f3.1e100.net

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safetyml.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 06:04:39 GMT
x-content-type-options: nosniff
age: 196744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 06:04:39 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 72ms
20ms Font
font/woff2 142.250.187.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:300,400,600,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f3.1e100.net

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safetyml.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:15:21 GMT
x-content-type-options: nosniff
age: 1702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 12:15:21 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 251 KB
93 KB 50ms
50ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4503054387132604&plah=www.safetyml.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

27ee20c7d5c075ba9610cf49a00fe2ad37a0649ecf9dc64e044215b66c99d7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94977
x-xss-protection: 0
server: cafe
etag: 10103688518249724071
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 12:43:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 0E84 10 KB
5 KB 33ms
27ms Document
text/html 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210908/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.safetyml.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Sep 2021 22:41:16 GMT
expires: Tue, 28 Sep 2021 22:41:16 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 50547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 56ms
30ms XHR
text/plain 216.58.212.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=31793754&t=pageview&_s=1&dl=https%3A%2F%2Fwww.safetyml.com%2F&ul=en-us&de=UTF-8&dt=SafetyML%3A%20Safety%20Modeling%20Language%20for%20Safety-Critical%20Apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=107267691&gjid=1981075938&cid=386312749.1631709824&tid=UA-346954-27&_gid=973408808.1631709824&_r=1&_slc=1&z=11726366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.206 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s27-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.safetyml.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:43:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.safetyml.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
268 B 37ms
31ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.safetyml.com&callback=_gfp_s_&client=ca-pub-4503054387132604

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4503054387132604&plah=www.safetyml.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

0d4c02133330bd09f4dfde66e3ba457dc7cd010af36a06da8312c5a667a3aaf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 598ms
27ms Script
application/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.safetyml.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 12:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 597ms
26ms Script
application/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.safetyml.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 12:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4CD0 75 KB
26 KB 463ms
462ms Document
text/html 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4503054387132604&output=html&h=280&slotname=1227520675&adk=4207216397&adf=197352427&pi=t.ma~as.1227520675&w=956&fwrn=4&fwrnh=100&lmt=1568275797&rafmt=1&psa=0&format=956x280&url=https%3A%2F%2Fwww.safetyml.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631709823628&bpp=5&bdt=601&idt=95&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=1316164117773&frm=20&pv=2&ga_vid=386312749.1631709824&ga_sid=1631709824&ga_hid=31793754&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=322&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062518%2C31062297&oid=3&pvsid=58770996139610&pem=974&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZZI7O12Hgy&p=https%3A//www.safetyml.com&dtd=111

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

8f958358b2713d54a2b2175bcf6f50e229903924ee40c25298356c251fcad65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4503054387132604&output=html&h=280&slotname=1227520675&adk=4207216397&adf=197352427&pi=t.ma~as.1227520675&w=956&fwrn=4&fwrnh=100&lmt=1568275797&rafmt=1&psa=0&format=956x280&url=https%3A%2F%2Fwww.safetyml.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631709823628&bpp=5&bdt=601&idt=95&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=1316164117773&frm=20&pv=2&ga_vid=386312749.1631709824&ga_sid=1631709824&ga_hid=31793754&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=322&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062518%2C31062297&oid=3&pvsid=58770996139610&pem=974&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZZI7O12Hgy&p=https%3A//www.safetyml.com&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.safetyml.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 12:43:44 GMT
server: cafe
content-length: 26308
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 12:58:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 12:43:44 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 594ms
37ms Script
text/javascript 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

sffe /

Resource Hash

aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631547519045135"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 12:43:44 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
482 B 53ms
27ms Stylesheet
text/css 142.250.200.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:500

Requested by

Host: www.safetyml.com
URL: https://www.safetyml.com/rw_common/plugins/stacks/jquery-2.2.4.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f10.1e100.net

Software

ESF /

Resource Hash

c16739b2471c717348631363c3a7fe6a49c381d846696168e6945a0f96781df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 12:42:01 GMT
server: ESF
date: Wed, 15 Sep 2021 12:43:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 12:43:43 GMT

GET
H2 200 fontawesome-webfont.woff2
www.safetyml.com/rw_common/plugins/stacks/ 75 KB
76 KB 140ms
140ms Font
font/woff2 192.185.166.156
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safetyml.com/rw_common/plugins/stacks/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.safetyml.com
URL: https://www.safetyml.com/rw_common/plugins/stacks/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.166.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ns1736.websitewelcome.com
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://www.safetyml.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _ga=GA1.2.386312749.1631709824; _gid=GA1.2.973408808.1631709824; _gat=1
:path: /rw_common/plugins/stacks/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.safetyml.com
referer: https://www.safetyml.com/rw_common/plugins/stacks/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.safetyml.com/rw_common/plugins/stacks/font-awesome.min.css
Origin: https://www.safetyml.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:43 GMT
last-modified: Thu, 12 Sep 2019 08:09:52 GMT
server: Apache
accept-ranges: bytes
content-length: 77160
content-type: font/woff2

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E11E 0
19 B 33ms
33ms Document
text/html 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4503054387132604&output=html&adk=1812271804&adf=3025194257&lmt=1568275797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.safetyml.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631709823779&bpp=2&bdt=752&idt=2&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=956x280&nras=1&correlator=1316164117773&frm=20&pv=1&ga_vid=386312749.1631709824&ga_sid=1631709824&ga_hid=31793754&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062518%2C31062297&oid=3&pvsid=58770996139610&pem=974&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4503054387132604&output=html&adk=1812271804&adf=3025194257&lmt=1568275797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.safetyml.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631709823779&bpp=2&bdt=752&idt=2&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=956x280&nras=1&correlator=1316164117773&frm=20&pv=1&ga_vid=386312749.1631709824&ga_sid=1631709824&ga_hid=31793754&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062518%2C31062297&oid=3&pvsid=58770996139610&pem=974&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.safetyml.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 12:43:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 12:58:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 12:43:44 GMT
cache-control: private

GET
H3 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 29 KB
29 KB 63ms
29ms Font
font/woff2 142.250.187.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f3.1e100.net

Software

sffe /

Resource Hash

97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safetyml.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 23:26:41 GMT
x-content-type-options: nosniff
age: 134222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 23:26:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4CD0 6 KB
669 B 27ms
27ms Stylesheet
text/css 142.250.200.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4503054387132604&output=html&h=280&slotname=1227520675&adk=4207216397&adf=197352427&pi=t.ma~as.1227520675&w=956&fwrn=4&fwrnh=100&lmt=1568275797&rafmt=1&psa=0&format=956x280&url=https%3A%2F%2Fwww.safetyml.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631709823628&bpp=5&bdt=601&idt=95&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=1316164117773&frm=20&pv=2&ga_vid=386312749.1631709824&ga_sid=1631709824&ga_hid=31793754&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=322&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062518%2C31062297&oid=3&pvsid=58770996139610&pem=974&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZZI7O12Hgy&p=https%3A//www.safetyml.com&dtd=111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f10.1e100.net

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 10:59:35 GMT
server: ESF
date: Wed, 15 Sep 2021 12:43:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 12:43:44 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 4CD0 1 KB
937 B 396ms
35ms Script
text/javascript 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f1.1e100.net

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 11:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 11:12:52 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/ Frame 4CD0 18 KB
8 KB 376ms
19ms Script
text/javascript 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f1.1e100.net

Software

cafe /

Resource Hash

cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7641
x-xss-protection: 0
server: cafe
etag: 14368791910870210898
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 12:41:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 4CD0 2 KB
1 KB 378ms
21ms Script
text/javascript 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 12:39:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CD0 125 KB
38 KB 59ms
33ms Script
text/javascript 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 12:43:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/ Frame 4CD0 14 KB
6 KB 379ms
23ms Script
text/javascript 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f1.1e100.net

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 12:34:10 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 4CD0 26 KB
11 KB 375ms
20ms Script
text/javascript 142.250.187.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f3.1e100.net

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 00:31:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 03:10:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4CD0 0
0 33ms
33ms Fetch
text/html 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcU0cgOpBYb_FE4uCwuIPmOuV0AiFhqzkYaK3iobiDJaCzYWIFhABIPL93ANglYKAgJgHoAGh9PnJA8gBCakCzHGG9ZfTsz6oAwHIA8sEqgSsAU_QOWxjDrSl9ZIYNVwUfaUE_zvVtRTLAv9uAZYtE3BnqpKioifllKei5CVKLSOc2bBPl6OnXgRAAswO3I-6zlUHGO50sHB5Vucvbhuc92LVHqQmXqmd3GUDm0B2pGKy3FSQiahFQldvoSeoWygi6gWNANzcRUHR-3x1yrlCBvbjfiEX6JC8yDy6iSYQR0f7EJqEKppeiJuQnotP2-Ea5F42HF7CFq9E0lnDb6vABLyjuKDbA5IFBAgEGAGSBQQIBRgEoAYugAfHi4Y2qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBRDgj7IB0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTQ1MDMwNTQzODcxMzI2MDQYAA&sigh=k8RGwb2KiI8&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4503054387132604&output=html&h=280&slotname=1227520675&adk=4207216397&adf=197352427&pi=t.ma~as.1227520675&w=956&fwrn=4&fwrnh=100&lmt=1568275797&rafmt=1&psa=0&format=956x280&url=https%3A%2F%2Fwww.safetyml.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631709823628&bpp=5&bdt=601&idt=95&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=1316164117773&frm=20&pv=2&ga_vid=386312749.1631709824&ga_sid=1631709824&ga_hid=31793754&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=322&ady=569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062518%2C31062297&oid=3&pvsid=58770996139610&pem=974&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZZI7O12Hgy&p=https%3A//www.safetyml.com&dtd=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 15 Sep 2021 12:43:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Sep 2021 12:43:44 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5882136133941410435/ Frame 4CD0 41 KB
41 KB 390ms
37ms Image
image/jpeg 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5882136133941410435/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f1.1e100.net

Software

sffe /

Resource Hash

bf96c928bdd45210821ad3e7c9510f35e07487d3428e69c8ef434e4a55aad1dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:45 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42026
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 15:52:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Sep 2022 12:43:45 GMT

GET
DATA 200
OK truncated
/ Frame 4CD0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4CD0 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbcb704b0cdb6c71508eb0be4a37ff9d3b8036fe5a72edfe92e4a04c8928eb5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 4CD0 15 KB
15 KB 27ms
27ms Font
font/woff2 142.250.187.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 06:00:56 GMT
x-content-type-options: nosniff
age: 196969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 06:00:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 4CD0 15 KB
15 KB 27ms
27ms Font
font/woff2 142.250.187.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 02:54:56 GMT
x-content-type-options: nosniff
age: 467329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 02:54:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 69ms
38ms XHR
application/json 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

bacbeb70591107634294e3c2041dc6575f1033d5a12d28eb72d4eb32e4bbc203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 12:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8419
x-xss-protection: 0

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame DBF2 35 KB
13 KB 18ms
18ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 14 Sep 2022 23:00:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
44ms Script
text/javascript 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 15 Sep 2021 12:43:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7AE9 12 KB
5 KB 22ms
22ms Document
text/html 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.safetyml.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 13 Sep 2021 21:28:47 GMT
expires: Tue, 13 Sep 2022 21:28:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 141298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 180A 783 B
1 KB 83ms
28ms Document
text/html 216.58.212.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.196 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s21-in-f4.1e100.net

Software

GSE /

Resource Hash

a4ed6e418b4cb4db45fe22217d204851e060dc0bf5746db97235b0d92bff6f16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3imvLgvE+GI2igUjIHMu1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.safetyml.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/

Response headers

expires: Wed, 15 Sep 2021 12:43:45 GMT
date: Wed, 15 Sep 2021 12:43:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3imvLgvE+GI2igUjIHMu1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AE9 35 KB
13 KB 19ms
18ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 14 Sep 2022 23:00:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 180A 0
0 61ms
60ms Image
text/html 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=58770996139610&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.187.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s34-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
30ms Image
image/gif 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=58770996139610&bg=!t7SltPDNAAYT0U73E9E7ACkAdvg8WocoglxKt2Kmb8278kxmZdS-mhs5jdOT3-3rLND09NH7GAPj2gIAAAB1UgAAAApoAQcKANNOze9OtN482sxF73zo17uXU4ejL9zup4tjzhU6_ciC-vVt4j0OcB8Pe5FkaaVAvtbzarLLu-XOGC_fjCNc4fPeyAU5HBBJLpTgwylPhWxMU7pAY5fqO4DCai9oU4jyFjcf24UHuHrjOVjIcVusGARhKQHa_iY1Vds5iSTYJsguyp2XO76fcHRoy-0yWn_34UvXocwrgfjOrHHMOv1j19eprAfSc3WI8Sr3raMtXOZ1CJ-4-c36rukbX2WdHVy5843b4_yem4GQQVw3UOIsHsXPLFbXmQJ6X_vxPgG_HU9xwpoJbtFByPO4Y8fxqRzmMrEyZxHFypjX9Vq5ovOO7So78Sd6M_nluA3UK_Y7Rn6JHPv21qGzyQm_g7Bnx925DNe3nLpHbiaGPHmwWM-wyF6xFyq0r81yhALNwnS7e29g7k0bHNMFLF5vdLU6MSu2BV_6YonDm4358z5ocRHvYp-2xug35Zf-Mvkk3VZvAKHT3qT7iUDRweaL6ZOHg7b0rY_pfA-SH5SQnGt9Xmc3WFTYrd_m-Lx-NGX-smnRJAFMOVTZ3oN4C8bwfP7CVK6ZKz1y-l8WLaWOCM3BX8JCXsu8IyM9EOD54OO_7tBEo6HWe4CuaOvcRKykdA821ag80IGVfi9QSyktc1pBIVhcjJZ_bf5aijyUK7h27FIhvDR2-HiQbwnigrvMEk0Ygh-DKjyBzghQhfhva8M_3OuOHZAxX50nrEvNlmW7b6nk_iJvL0d1Uz3_2tryyxl0IL8Az5qhVGbSYPbNkk9UnP-ah9U7X9fME8VyH5CjOt3RkA7wUZQMZnxLvcDqM1KjBAiWZVJ86xzZV23mxdLbT7OIIS2DD9a5QRfxSZjKYNRauSg_qWJo720ACc1bidQZGpmaT1VRe3ynJWqy0kvsGKHDm5xW8P-qbBgUrneZtKXZnxUDbvA2wY1fo1FP82UqmiofXWd007uBNnpJ-5WB-K79s_BR4mi3t0NAqLKfYvGab19dp_uxz6i7hsdSHYkFKbRC1fn5dL99HodYkz0MfhwRAJHFYhOIqlbNWn2_RLFJ4txdMp-hl8HVJni8hmHek3cynSZ7j-mcEGaqwQmNrLnr9IkGsLynw_ERxCNyBPWN3DD2ig

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safetyml.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:43:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4CD0 42 B
64 B 37ms
36ms Fetch
image/gif 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB3ujd_uwwQPTgJDIg1PTZ4PrDMAN0SMxwvv70h30pJ9njIO9FpbKCoo08IHZKtLbF412dujOM4CH7pwhWGl1yvPi1Kgn_JzsLItt5LAyE6u7XNXE53A&sai=AMfl-YTp81l2NgLdyyBw3B4_9F0eYIKrjWi1jm7HFRkBaoBjY4n09w71rm-c8Bfmz7mGAVsk3ctzzcs1tffg&sig=Cg0ArKJSzBZj2b9dfQU9EAE&id=lidar2&mcvt=1000&p=993,322,1273,1278&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210913&bin=7&avms=nio&bs=0,0&mc=0.54&if=1&app=0&itpl=22&adk=4207216397&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631709823741&rpt=1485&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:43:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.safetyml.com/	1970-01-20 14:46:21	Name: _ga Value: GA1.2.386312749.1631709824
.safetyml.com/	1970-01-19 21:16:36	Name: _gid Value: GA1.2.973408808.1631709824
.safetyml.com/	1970-01-19 21:15:09	Name: _gat Value: 1
.safetyml.com/	1970-01-20 06:36:45	Name: __gads Value: ID=9162d4e8422cdf51-22d6c4bb37cb0000:T=1631709823:RT=1631709823:S=ALNI_MZraHyhKscNB9dnhyTrh-BXcBq2tg
.doubleclick.net/	1970-01-20 06:36:45	Name: IDE Value: AHWqTUmpElIgtU3Td0IYzNfcl9XUQecG2tnSIZGjwIgdG9souDLMyxVf6hJP4hX3ewg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pivotpt.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.safetyml.com
142.250.187.226
142.250.187.227
142.250.200.10
142.250.200.2
142.250.200.34
172.217.16.225
172.217.16.226
192.185.166.156
192.185.166.16
216.58.212.196
216.58.212.206
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0d4c02133330bd09f4dfde66e3ba457dc7cd010af36a06da8312c5a667a3aaf0
0dcb523a2ad992fd5888295e9568b5a15abec3ed4ad49d4cbaac6b77b871cf74
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1caff32cf0f5ed6aaf9d52c765a2e810e0b66e9ce21ead41469b17d4da001a12
27ee20c7d5c075ba9610cf49a00fe2ad37a0649ecf9dc64e044215b66c99d7c8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
48ac8d8a51bf8cf9bc66f122957d7b1e9173b42b67519372ffa176bec41efdcb
4c1f3940355908364812467b37387fedee239854c951aa8a38c2e61a4468aad6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54c378a3dc762c7d1ef4b344ba8fe84fcc0b2a23d1bc6ff68ab02fb19ce6a038
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
624242ac0854f320d5ecc127944303fd671b09caef14b561fbf7af039c6aff80
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
8e8b0bca9732f6d367ded81968fbb77290aa43fd2fe8c77fcc5b8b587c5f3b3d
8f958358b2713d54a2b2175bcf6f50e229903924ee40c25298356c251fcad65c
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ed6e418b4cb4db45fe22217d204851e060dc0bf5746db97235b0d92bff6f16
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7bad3e49f2a03f26633df681f054a9f4ede20ed5ec2b9f954fd6538327f7e6
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
b25a979b1ecc03c7032dd966b2bcc6cdf1be8751f890d3aac54cfafb87593d21
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bacbeb70591107634294e3c2041dc6575f1033d5a12d28eb72d4eb32e4bbc203
bb88dd85bcb2507773482ea00eaa8f0bb39b8e49391f51c3579842f78a3307ba
bbcb704b0cdb6c71508eb0be4a37ff9d3b8036fe5a72edfe92e4a04c8928eb5a
bee58afdc397eb6599b9e916b8c58204daf8fbcea2752867581f3eceae78b7e1
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bf96c928bdd45210821ad3e7c9510f35e07487d3428e69c8ef434e4a55aad1dc
c16739b2471c717348631363c3a7fe6a49c381d846696168e6945a0f96781df4
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
cae49cade8ecdee7e17f9a783f1523b46a9def33941de98954db862d5bfed510
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
d4cd7bda4c529b5312184b87f605b88fe893e0d12918dce2f42cd1a1a47b04dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fd00bbafd075c724d48213b6ad9f6091984ab5ada86a11f77241f316ce25cf19
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.safetyml.com Open in urlscan Pro 192.185.166.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

12 IPs

1 Countries

1537 kBTransfer

2546 kBSize

5 Cookies

13 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.safetyml.com Open in urlscan Pro
192.185.166.156 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

12
IPs

1
Countries

1537 kB
Transfer

2546 kB
Size

5
Cookies

50 HTTP transactions
2 data transactions