www.ihseb.net Open in urlscan Pro
162.144.13.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ihseb.net/
Effective URL:
https://www.ihseb.net/
Submission: On December 27 via manual (December 27th 2022, 3:14:10 pm UTC) from SA — Scanned from DE

Summary HTTP 83 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 6 countries across 17 domains to perform 83 HTTP transactions. The main IP is 162.144.13.179, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.ihseb.net.
TLS certificate: Issued by R3 on November 4th 2022. Valid for: 3 months.

This is the only time www.ihseb.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	162.144.13.179 162.144.13.179	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
5 5	2400:52e0:1e0... 2400:52e0:1e00::865:1	200325 (BUNNYCDN) (BUNNYCDN)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:db2f:b9cd:e64:dd58	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:223... 2600:9000:223f:ee00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
83	16

10 162.144.13.179 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-13-179.unifiedlayer.com

www.ihseb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::865:1 (Slovenia) 5 redirects

ASN200325 (BUNNYCDN, SI)

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:db2f:b9cd:e64:dd58 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:ee00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	408 KB
15	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	110 KB
10	ihseb.net 1 redirects www.ihseb.net	94 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	91 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
5	shortpixel.ai 5 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 25632	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	141 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6509	651 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 914	445 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	459 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723	712 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 3008	173 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 963	191 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	476 B
83	17

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	www.ihseb.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	www.ihseb.net	1 redirects www.ihseb.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.ihseb.net googleads.g.doubleclick.net
6	cm.g.doubleclick.net	www.ihseb.net googleads.g.doubleclick.net
5	sp-ao.shortpixel.ai	5 redirects
5	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	d5p.de17a.com	2 redirects
1	s.ad.smaato.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
83	21

This site contains links to these domains. Also see Links.

Domain
www.qmath.net

Subject Issuer	Validity	Valid
*.ihseb.net R3	`2022-11-04` - `2023-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.ihseb.net/
Frame ID: DD1E939860DE484325D630512BC3220F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 50F783101EA20FAEEED592FA23A0531C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&adk=3046330955&adf=2044148826&lmt=1672154037&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.ihseb.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154037391&bpp=8&bdt=230&idt=184&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5454978248172&frm=20&pv=2&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=202
Frame ID: 1063A70801B784B80CDF6F0FC8AB4770
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: D8FCFC37BB3630921FFB43ED0E06F256
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 81DB52DA68D76E36F914CFAFE080F16F
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 85886C6086E2C1F58C38B2DD2C805989
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 004790E219B0C60846AD0DDBB3A78E45
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 116846045F38CAE69B3C938EDAC970A8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 26B452901811C4DC455FA74E212B7980
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&h=280&slotname=8764532422&adk=2170310943&adf=3185746672&pi=t.ma~as.8764532422&w=728&fwrn=4&fwrnh=100&lmt=1672154043&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.ihseb.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154043665&bpp=2&bdt=6505&idt=3&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=5454978248172&frm=20&pv=1&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&psts=ACgb8tsvRFOEtLEcIWI1mhcN9pICAfDdxvgVwS50Mr_xOPO3uKDPPt2vuTtUbAicsvEiZnw1KMCmOS0dWu2VuymC43jUy1fkCAiXCdtdiRb4vuM&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=TNUtJvgSE5&p=https%3A//www.ihseb.net&dtd=8
Frame ID: F042315ACBCB29B09D1A611BA3FB8D91
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86E8AB47C69E21CB447D770C67DE00B8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 97C279DD2279A52AA57F08C747020046
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07E5CF30BAB9CEFDF54B56005F5150E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F007CB79049A88479023F797A3D635B3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

احسب - للحسابات السريعة والمباشرة

Page URL History Show full URLs

http://www.ihseb.net/ HTTP 301
https://www.ihseb.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

83
Requests

88 %
HTTPS

67 %
IPv6

17
Domains

21
Subdomains

16
IPs

6
Countries

849 kB
Transfer

2344 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.qmath.net/
Title: English

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ihseb.net/ HTTP 301
https://www.ihseb.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 40

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/patterns/body-bg7.png HTTP 302
https://www.ihseb.net/wp-content/themes/sahifa/images/patterns/body-bg7.png

Request Chain 44

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/main-menu-bg.png HTTP 302
https://www.ihseb.net/wp-content/themes/sahifa/images/main-menu-bg.png

Request Chain 45

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/home.png HTTP 302
https://www.ihseb.net/wp-content/themes/sahifa/images/home.png

Request Chain 46

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/stripe.png HTTP 302
https://www.ihseb.net/wp-content/themes/sahifa/images/stripe.png

Request Chain 48

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/sidebar-bullet.png HTTP 302
https://www.ihseb.net/wp-content/themes/sahifa/images/sidebar-bullet.png

Request Chain 64

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOGNGxl-KUUH4E9Iiu9HF1Q&google_cver=1&google_push=AavPq0PApNF-74MsqJcRus0Y-DCVfVMe3Fxep7W8BbY1b4deRKHH6pUrn9A-mEnrgWTShAOdy7B57-MpPSys9Pv98RPt2PAMsbYpOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PApNF-74MsqJcRus0Y-DCVfVMe3Fxep7W8BbY1b4deRKHH6pUrn9A-mEnrgWTShAOdy7B57-MpPSys9Pv98RPt2PAMsbYpOQ&google_hm=eS1LTUlyblV4RTJwSGtzUDB0bERBMjRpbmdCSnR6T2g1Yn5B

Request Chain 65

https://d5p.de17a.com/cookies/google?google_gid=CAESEDs1epz736rHlUe-KelGeK0&google_cver=1&google_push=AavPq0Mq9m7_BWdTCaAjBPFmdF_-RT-oBP2C0l-pO6b9SMlSuBPoEJQTkpALwTMD89XnFVhN7Lh7crPRIqba04p0VXwH_w-FgDq5Qw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDs1epz736rHlUe-KelGeK0&google_cver=1&google_push=AavPq0Mq9m7_BWdTCaAjBPFmdF_-RT-oBP2C0l-pO6b9SMlSuBPoEJQTkpALwTMD89XnFVhN7Lh7crPRIqba04p0VXwH_w-FgDq5Qw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Mq9m7_BWdTCaAjBPFmdF_-RT-oBP2C0l-pO6b9SMlSuBPoEJQTkpALwTMD89XnFVhN7Lh7crPRIqba04p0VXwH_w-FgDq5Qw

Request Chain 66

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBZvI7X_8Wjjzd1lIif7KDs&google_cver=1&google_push=AavPq0Nj-0TtCMd-L-PmJk0hUP57C3lHh-MS5-UN-YrXvX6IhSoBPraQgyrQnmY5SMmsil9JpeEtlA8bxCwRycXUoAJT2nk3Xx1UkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM2RENFNVYtMi1BMDg1&google_push=AavPq0Nj-0TtCMd-L-PmJk0hUP57C3lHh-MS5-UN-YrXvX6IhSoBPraQgyrQnmY5SMmsil9JpeEtlA8bxCwRycXUoAJT2nk3Xx1UkA

Request Chain 67

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-tZsXZgQszG_VnzzugIIU&google_cver=1&google_push=AavPq0ONCBa7nZndPbrcP9P_aw4CvmjiGejeoIBAKRmnaE1h3rY4Y5XpxmfRszQURAhESpfX3YsK1H6h8L_Oii0KXuVZJNwFSTIV1A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK-tZsXZgQszG_VnzzugIIU&google_push=AavPq0ONCBa7nZndPbrcP9P_aw4CvmjiGejeoIBAKRmnaE1h3rY4Y5XpxmfRszQURAhESpfX3YsK1H6h8L_Oii0KXuVZJNwFSTIV1A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-tZsXZgQszG_VnzzugIIU&google_hm=Y6sLvClZHHiU_zRB-cgmmgAABLsAAAIB&google_nid=index&google_push=AavPq0ONCBa7nZndPbrcP9P_aw4CvmjiGejeoIBAKRmnaE1h3rY4Y5XpxmfRszQURAhESpfX3YsK1H6h8L_Oii0KXuVZJNwFSTIV1A

Request Chain 68

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF3s2IRpD5NAbyxmUqLjJqQ&google_cver=1&google_push=AavPq0MQ439JS5EbO7xLeAaXQXo8PwCe9X73KLBJJGlYaB_B_Plo02a9V2Wan_ufrNERVQqkEtTT8POMwbyBIECG9QmfiV2ID6YTJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MQ439JS5EbO7xLeAaXQXo8PwCe9X73KLBJJGlYaB_B_Plo02a9V2Wan_ufrNERVQqkEtTT8POMwbyBIECG9QmfiV2ID6YTJg

83 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ihseb.net/
Redirect Chain

http://www.ihseb.net/
https://www.ihseb.net/

54 KB
8 KB

2882ms
2443ms

Document
text/html

162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihseb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: 0b8b9e4d48e3ef9e86099894aa2326d3c71380881cf1a3800880042cc0f35b26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 7638
content-type: text/html; charset=UTF-8
date: Tue, 27 Dec 2022 15:13:54 GMT
link: <https://www.ihseb.net/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding,Cookie

Redirect headers

Connection: Keep-Alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 27 Dec 2022 15:13:54 GMT
Keep-Alive: timeout=5, max=75
Location: https://www.ihseb.net/
Server: Apache

GET
H2 200 autoptimize_a7197c960bdd19c2e415096f5545140b.css
www.ihseb.net/wp-content/cache/autoptimize/css/ 236 KB
59 KB 1537ms
1536ms Stylesheet
text/css 162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihseb.net/wp-content/cache/autoptimize/css/autoptimize_a7197c960bdd19c2e415096f5545140b.css
Requested by: Host: www.ihseb.net
URL: https://www.ihseb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: fb7374647b668b25a0c7b0a276014c604dfa7f3d566459506bacfaafe3e15520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:57 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 13:08:03 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable
accept-ranges: bytes
expires: Sun, 17 Dec 2023 15:13:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 182ms
132ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d430b555046a6c395cc907abdae29818575ae203787c149a3ddfa73b5015510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49636
x-xss-protection: 0
server: cafe
etag: 13638438591266459291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 15:13:57 GMT

GET
H2 200 autoptimize_74d73a9aab66735f8c2215b7ed62f63b.js Show response
www.ihseb.net/wp-content/cache/autoptimize/js/ 143 B
227 B 6466ms
6466ms Script
application/javascript 162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihseb.net/wp-content/cache/autoptimize/js/autoptimize_74d73a9aab66735f8c2215b7ed62f63b.js
Requested by: Host: www.ihseb.net
URL: https://www.ihseb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: 780999932b4cbfbfee9b0a107787794c73ae96b6f50ca596de6334d2cc805e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:57 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 13:13:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30672000, public, immutable
accept-ranges: bytes
content-length: 153
expires: Sun, 17 Dec 2023 15:13:57 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3809175990604344&plah=www.ihseb.net&bust=31071168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e09fbe47395274b7b2ac7c6c0d2470611f1a7b149bda29b8c1f6f4b2482f999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119970
x-xss-protection: 0
server: cafe
etag: 415296433009820858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 15:13:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 50F7 10 KB
5 KB 71ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ihseb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 11:47:20 GMT
etag: 10353107486223812946
expires: Tue, 10 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
476 B 139ms
54ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.ihseb.net&callback=_gfp_s_&client=ca-pub-3809175990604344&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3809175990604344&plah=www.ihseb.net&bust=31071168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 153ms
54ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ihseb.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
56ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ihseb.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1063 247 KB
64 KB 460ms
416ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&adk=3046330955&adf=2044148826&lmt=1672154037&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.ihseb.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154037391&bpp=8&bdt=230&idt=184&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5454978248172&frm=20&pv=2&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=202

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93c065c4af38138c3013e2d62b0a65d60e85b6593ee21ff1eed35208c5f6ba12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ihseb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65550
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 15:13:58 GMT
expires: Tue, 27 Dec 2022 15:13:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610efc3d48050e9b8377e541b5ce93025ebefe3a08a6ff308e177794da53ca6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52351
x-xss-protection: 0
server: cafe
etag: 9665701251230489110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 15:13:58 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 72ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ihseb.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 125ms
56ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ihseb.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame D8FC 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ihseb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 11:47:20 GMT
etag: 10353107486223812946
expires: Tue, 10 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 81DB 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ihseb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 11:47:20 GMT
etag: 10353107486223812946
expires: Tue, 10 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame D8FC 4 KB
1 KB 90ms
28ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Dec 2022 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 13:20:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Dec 2022 15:13:58 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D8FC 205 B
743 B 66ms
20ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:43:43 GMT
x-content-type-options: nosniff
age: 19815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 27 Dec 2023 09:43:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D8FC 604 B
696 B 70ms
24ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 22:02:13 GMT
x-content-type-options: nosniff
age: 148305
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 25 Dec 2023 22:02:13 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame D8FC 19 KB
8 KB 118ms
32ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 81DB 4 KB
694 B 84ms
29ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Dec 2022 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 14:37:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Dec 2022 15:13:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 81DB 2 KB
846 B 142ms
65ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 19:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Jan 2023 19:37:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81DB 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMzmdtQurY4eaKY-eywXAy4ioCePOw5pst4T5yagQ8t3S4LIBEAEgr9rLF2CVgoCAmAegAe2pvZcoyAEJqQJMctA7VsyoPqgDAcgDywSqBLsBT9BaS4ONRGq0Nel3EITjlDYgKM2k_K7pmdom73VopOcZ99-HKIMWPNWRIMsCWtnrH275WP_loj2QlqtyTlhqGfAJv2qdiaAZHvnUFnTcRlxxuSdNvj_HqHzUCFxkOXg2CEgAV433WfxvYPUSFPAb6POU1zMzcNTz2twirP5bGJBAJo2IMcaryeF7T2625StjZu24CYFCnhpNUpzarj1XKsYNxjgNWHbG_HtExCGvOxr8FGGlXHUtrsiY5cAE_JOWu48EkgUECAQYAZIFBAgFGASgBi6AB-3hjfcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvfYD0ggRCIDhgBAQARhfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM4MDkxNzU5OTA2MDQzNDQYAA&sigh=5A_mTY62bjY&uach_m=[UACH]&cid=CAQSGwDq26N9SpWNIRNG-DzYBcyshKdsXNEgM9SmvBgBIBM&template_id=484

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 27 Dec 2022 15:13:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Dec 2022 15:13:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 81DB 23 KB
9 KB 112ms
36ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 81DB 3 KB
1 KB 139ms
64ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 81DB 18 KB
7 KB 117ms
43ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81DB 153 KB
47 KB 107ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:13:58 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 81DB 34 KB
14 KB 54ms
21ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 09:05:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8588 8 KB
895 B 70ms
29ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Dec 2022 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 14:57:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Dec 2022 15:13:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8588 2 KB
799 B 46ms
45ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 19:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Jan 2023 19:37:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8588 23 KB
9 KB 45ms
43ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8588 3 KB
1 KB 55ms
53ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8588 18 KB
7 KB 50ms
49ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8588 153 KB
47 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:13:58 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 8588 34 KB
14 KB 58ms
19ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 09:05:50 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/17584044055746953691/ Frame 81DB 16 KB
16 KB 103ms
36ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17584044055746953691/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d254aeeaa093cde5767602c8d256f6c697d089e02b6ca446507977cf6dd57c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 16:53:49 GMT
x-content-type-options: nosniff
age: 339609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16803
x-xss-protection: 0
last-modified: Mon, 16 May 2022 20:43:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Dec 2023 16:53:49 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8210928447255208316/ Frame 81DB 3 KB
3 KB 100ms
33ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8210928447255208316/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5d9b58687c2c048eb8dac8e60c1f58dea2073a82f8faac85915d0924645d459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 14:05:59 GMT
x-content-type-options: nosniff
age: 4079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3266
x-xss-protection: 0
last-modified: Sun, 07 Aug 2022 18:27:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Dec 2023 14:05:59 GMT

GET
DATA 200
OK truncated
/ Frame 81DB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7b16ee96fce1a4afaaf1c2a40faf5665aa6ef4ca08857841680e2cbc73aa1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0047 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 15:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0047
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 15:13:58 GMT
expires: Tue, 27 Dec 2022 15:13:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 15:13:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1168 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 23:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 23:24:06 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 26B4 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 23:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 23:24:06 GMT

GET
H2

200

body-bg7.png
www.ihseb.net/wp-content/themes/sahifa/images/patterns/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/patterns/body-bg7.png
https://www.ihseb.net/wp-content/themes/sahifa/images/patterns/body-bg7.png

7 KB
7 KB

1174ms
442ms

Image
image/png

162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ihseb.net/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by: Host: www.ihseb.net
URL: https://www.ihseb.net/wp-content/cache/autoptimize/css/autoptimize_a7197c960bdd19c2e415096f5545140b.css
Protocol: H2
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: 63cabd6937f8e89a36dfd1961358988b60c6065a0495138d4b118cb430a83d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
last-modified: Mon, 05 Oct 2020 12:21:31 GMT
server: Apache
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 7082
expires: Sat, 25 Feb 2023 15:14:04 GMT

Redirect headers

date: Tue, 27 Dec 2022 15:14:03 GMT
cdn-edgestorageid: 1049
cdn-cachedat: 12/27/2022 03:42:54
cdn-pullzone: 257218
cdn-tag: 0; Domain: www.ihseb.net; 302
content-length: 0
pragma: cache
server: BunnyCDN-DE1-865
cdn-proxyver: 1.03
cdn-requestpullcode: 302
content-type: text/html; charset=UTF-8
location: https://www.ihseb.net/wp-content/themes/sahifa/images/patterns/body-bg7.png
access-control-allow-origin: *
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-requestid: be79f92d7d5137b9910ec6855726c8c0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 302
cdn-requestpullsuccess: True

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ihseb.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 55ms
55ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ihseb.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F042 85 KB
32 KB 358ms
358ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&h=280&slotname=8764532422&adk=2170310943&adf=3185746672&pi=t.ma~as.8764532422&w=728&fwrn=4&fwrnh=100&lmt=1672154043&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.ihseb.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154043665&bpp=2&bdt=6505&idt=3&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=5454978248172&frm=20&pv=1&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&psts=ACgb8tsvRFOEtLEcIWI1mhcN9pICAfDdxvgVwS50Mr_xOPO3uKDPPt2vuTtUbAicsvEiZnw1KMCmOS0dWu2VuymC43jUy1fkCAiXCdtdiRb4vuM&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=TNUtJvgSE5&p=https%3A//www.ihseb.net&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a21fed4e0ec79d95721780eb4dd1ec1fe30e22b44341871e1c52e1a430ea693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ihseb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 32449
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 15:14:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

main-menu-bg.png
www.ihseb.net/wp-content/themes/sahifa/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/main-menu-bg.png
https://www.ihseb.net/wp-content/themes/sahifa/images/main-menu-bg.png

93 B
124 B

2035ms
1302ms

Image
image/png

162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ihseb.net/wp-content/themes/sahifa/images/main-menu-bg.png
Requested by: Host: www.ihseb.net
URL: https://www.ihseb.net/wp-content/cache/autoptimize/css/autoptimize_a7197c960bdd19c2e415096f5545140b.css
Protocol: H2
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: 6244e4496acd309118dc6e967a374ede63054d78a489c649e561af1d68bdee5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
last-modified: Mon, 05 Oct 2020 12:21:31 GMT
server: Apache
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 93
expires: Sat, 25 Feb 2023 15:14:04 GMT

Redirect headers

date: Tue, 27 Dec 2022 15:14:03 GMT
cdn-edgestorageid: 1047
cdn-cachedat: 12/27/2022 03:42:58
cdn-pullzone: 257218
cdn-tag: 0; Domain: www.ihseb.net; 302
content-length: 0
pragma: cache
server: BunnyCDN-DE1-865
cdn-proxyver: 1.03
cdn-requestpullcode: 302
content-type: text/html; charset=UTF-8
location: https://www.ihseb.net/wp-content/themes/sahifa/images/main-menu-bg.png
access-control-allow-origin: *
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-requestid: 747d42aa90867e02fa7fde6aee01d772
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

home.png
www.ihseb.net/wp-content/themes/sahifa/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/home.png
https://www.ihseb.net/wp-content/themes/sahifa/images/home.png

2 KB
2 KB

1175ms
441ms

Image
image/png

162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ihseb.net/wp-content/themes/sahifa/images/home.png
Requested by: Host: www.ihseb.net
URL: https://www.ihseb.net/wp-content/cache/autoptimize/css/autoptimize_a7197c960bdd19c2e415096f5545140b.css
Protocol: H2
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: 13fb711e28c731a49b07a30e0b2f908026190e8a9754f85dfeaea68f28d7c8db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
last-modified: Mon, 05 Oct 2020 12:21:31 GMT
server: Apache
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1711
expires: Sat, 25 Feb 2023 15:14:04 GMT

Redirect headers

date: Tue, 27 Dec 2022 15:14:03 GMT
cdn-edgestorageid: 1053
cdn-cachedat: 12/27/2022 08:54:49
cdn-pullzone: 257218
cdn-tag: 0; Domain: www.ihseb.net; 302
content-length: 0
pragma: cache
server: BunnyCDN-DE1-865
cdn-proxyver: 1.03
cdn-requestpullcode: 302
content-type: text/html; charset=UTF-8
location: https://www.ihseb.net/wp-content/themes/sahifa/images/home.png
access-control-allow-origin: *
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-requestid: 879ba5756a67dd009a1cfe0c7bbd8317
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

stripe.png
www.ihseb.net/wp-content/themes/sahifa/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/stripe.png
https://www.ihseb.net/wp-content/themes/sahifa/images/stripe.png

93 B
124 B

2036ms
1302ms

Image
image/png

162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ihseb.net/wp-content/themes/sahifa/images/stripe.png
Requested by: Host: www.ihseb.net
URL: https://www.ihseb.net/wp-content/cache/autoptimize/css/autoptimize_a7197c960bdd19c2e415096f5545140b.css
Protocol: H2
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: 23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
last-modified: Mon, 05 Oct 2020 12:21:31 GMT
server: Apache
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 93
expires: Sat, 25 Feb 2023 15:14:04 GMT

Redirect headers

date: Tue, 27 Dec 2022 15:14:03 GMT
cdn-edgestorageid: 874
cdn-cachedat: 12/27/2022 10:51:00
cdn-pullzone: 257218
cdn-tag: 0; Domain: www.ihseb.net; 302
content-length: 0
pragma: cache
server: BunnyCDN-DE1-865
cdn-proxyver: 1.03
cdn-requestpullcode: 302
content-type: text/html; charset=UTF-8
location: https://www.ihseb.net/wp-content/themes/sahifa/images/stripe.png
access-control-allow-origin: *
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-requestid: 0c029d871af19f73037e5a82081728da
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 BebasNeue-webfont.woff
www.ihseb.net/wp-content/themes/sahifa/fonts/ 18 KB
18 KB 1701ms
871ms Font
font/woff 162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ihseb.net/wp-content/themes/sahifa/fonts/BebasNeue-webfont.woff
Requested by: Host: www.ihseb.net
URL: https://www.ihseb.net/wp-content/cache/autoptimize/css/autoptimize_a7197c960bdd19c2e415096f5545140b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: 0cc7740c9468aaae51503c1e2a06376b3c946ff587e8eddf5265f92fd5508b2c

Request headers

Referer: https://www.ihseb.net/wp-content/cache/autoptimize/css/autoptimize_a7197c960bdd19c2e415096f5545140b.css
Origin: https://www.ihseb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
last-modified: Mon, 05 Oct 2020 12:21:31 GMT
server: Apache
accept-ranges: bytes
content-length: 18036
content-type: font/woff

GET
H2

200

sidebar-bullet.png
www.ihseb.net/wp-content/themes/sahifa/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.ihseb.net/wp-content/themes/sahifa/images/sidebar-bullet.png
https://www.ihseb.net/wp-content/themes/sahifa/images/sidebar-bullet.png

82 B
113 B

1175ms
443ms

Image
image/png

162.144.13.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ihseb.net/wp-content/themes/sahifa/images/sidebar-bullet.png
Requested by: Host: www.ihseb.net
URL: https://www.ihseb.net/wp-content/cache/autoptimize/css/autoptimize_a7197c960bdd19c2e415096f5545140b.css
Protocol: H2
Server: 162.144.13.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-13-179.unifiedlayer.com
Software: Apache /
Resource Hash: 36ec8e8c702a4c1b69be799c1294e730360eb146f1ec77ec8272528fdc4e3c17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
last-modified: Mon, 05 Oct 2020 12:21:31 GMT
server: Apache
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 82
expires: Sat, 25 Feb 2023 15:14:04 GMT

Redirect headers

date: Tue, 27 Dec 2022 15:14:03 GMT
cdn-edgestorageid: 874
cdn-cachedat: 12/27/2022 03:42:54
cdn-pullzone: 257218
cdn-tag: 0; Domain: www.ihseb.net; 302
content-length: 0
pragma: cache
server: BunnyCDN-DE1-865
cdn-proxyver: 1.03
cdn-requestpullcode: 302
content-type: text/html; charset=UTF-8
location: https://www.ihseb.net/wp-content/themes/sahifa/images/sidebar-bullet.png
access-control-allow-origin: *
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-requestid: 249d7867b1cf65b1888770ef1ce1cd77
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 302
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ Frame F042 6 KB
672 B 30ms
28ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&h=280&slotname=8764532422&adk=2170310943&adf=3185746672&pi=t.ma~as.8764532422&w=728&fwrn=4&fwrnh=100&lmt=1672154043&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.ihseb.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154043665&bpp=2&bdt=6505&idt=3&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=5454978248172&frm=20&pv=1&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&psts=ACgb8tsvRFOEtLEcIWI1mhcN9pICAfDdxvgVwS50Mr_xOPO3uKDPPt2vuTtUbAicsvEiZnw1KMCmOS0dWu2VuymC43jUy1fkCAiXCdtdiRb4vuM&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=TNUtJvgSE5&p=https%3A//www.ihseb.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Dec 2022 15:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 13:52:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Dec 2022 15:14:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F042 2 KB
765 B 34ms
32ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 19:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Jan 2023 19:37:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F042 23 KB
9 KB 35ms
33ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F042 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F042 18 KB
7 KB 35ms
33ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Jan 2023 01:38:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F042 0
0 75ms
29ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWiCvAVJOXJlOtXeez0CKizlpoa1yscN9-q71y62jYr30m35xghfCzQOCElRKuBXZ2WUVhJiccFPaiM2g8nirEpiwCvg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&h=280&slotname=8764532422&adk=2170310943&adf=3185746672&pi=t.ma~as.8764532422&w=728&fwrn=4&fwrnh=100&lmt=1672154043&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.ihseb.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154043665&bpp=2&bdt=6505&idt=3&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=5454978248172&frm=20&pv=1&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&psts=ACgb8tsvRFOEtLEcIWI1mhcN9pICAfDdxvgVwS50Mr_xOPO3uKDPPt2vuTtUbAicsvEiZnw1KMCmOS0dWu2VuymC43jUy1fkCAiXCdtdiRb4vuM&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=TNUtJvgSE5&p=https%3A//www.ihseb.net&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F042 153 KB
47 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:14:04 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame F042 34 KB
14 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 09:05:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F042 0
0 66ms
64ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce1souwurY8zNKse69u8Pl6CtmAb_h5aSbpntsZLhEI3m2r_NARABIK_ayxdglYKAgJgHoAG3mIGiKMgBCakCsrkuq9hKez6oAwHIA8sEqgTFAU_Qvub-yhcVl-jEVnJXX6MN9dl8ZbKSA1xWozOSOLATfVr6zXryd04Ah4Cqa8HIwGhABWY6pOn1soeraMljr0dw2LK5FSQHfmV4Py6XFooCvQInYpmQj2jUttnY7_fLRpmUvmXTcTZrklZ-8SXbmP1oWnLPEeH_QjyiDAo52IUwL5OOtp_c6fMG6iNDa3NHdiyA3E-NzZGuzU8EREXmU8CqtjIrDvRcOOIRCol_JsmfQp_qs1gV7cQPaTNNi3ELZ_bSBTTnwASUtJeqkQSSBQQIBBgBkgUECAUYBKAGLoAHgc-NugOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDimhDSCBEIgOGAEBABGF8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItMzgwOTE3NTk5MDYwNDM0NBgA&sigh=YheWbIMpa68&uach_m=[UACH]&cid=CAQSKQDq26N9BRzfOd6vWY8cLwSH_8p7mL3k13t3J7zn6vnI5WNCvbOWYTu7GAEgEw&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&h=280&slotname=8764532422&adk=2170310943&adf=3185746672&pi=t.ma~as.8764532422&w=728&fwrn=4&fwrnh=100&lmt=1672154043&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.ihseb.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154043665&bpp=2&bdt=6505&idt=3&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=5454978248172&frm=20&pv=1&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&psts=ACgb8tsvRFOEtLEcIWI1mhcN9pICAfDdxvgVwS50Mr_xOPO3uKDPPt2vuTtUbAicsvEiZnw1KMCmOS0dWu2VuymC43jUy1fkCAiXCdtdiRb4vuM&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=TNUtJvgSE5&p=https%3A//www.ihseb.net&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 27 Dec 2022 15:14:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11516259201195879486/ Frame F042 14 KB
14 KB 35ms
34ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11516259201195879486/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b53fbb2283de6a9c21ca514fb42b139067798fdac0c49423818190ac6b4aa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 19:34:38 GMT
x-content-type-options: nosniff
age: 416366
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14287
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 10:37:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Dec 2023 19:34:38 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13269078359520607832/ Frame F042 7 KB
7 KB 44ms
44ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13269078359520607832/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd18d153b6fe7818baa53581dbecb71b0698da3b36ad61a43e927a4514d33fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:42:50 GMT
x-content-type-options: nosniff
age: 581474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7004
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 10:37:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Dec 2023 21:42:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 86E8 1 KB
643 B 22ms
20ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Dec 2022 17:24:09 GMT
etag: 48472445140208031
expires: Tue, 27 Dec 2022 17:24:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F042 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1fa693f644eaf248f70d2e5097760f9bdc6a6aa81dafb9b7936d33df87af442

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 86E8 0
191 B 148ms
28ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEKWwktURmXF5hcGltZciE9g&google_cver=1&google_push=AavPq0ODuwRQRoOSOx9-U35bQiiqKpFwGT3UAw0bTwJvf5Vr9LLuu_AB62gCDiNWASiuYfEeNTLSisGt8xCcP5bFQfpCXhau4w2yCA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&h=280&slotname=8764532422&adk=2170310943&adf=3185746672&pi=t.ma~as.8764532422&w=728&fwrn=4&fwrnh=100&lmt=1672154043&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.ihseb.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154043665&bpp=2&bdt=6505&idt=3&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=5454978248172&frm=20&pv=1&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&psts=ACgb8tsvRFOEtLEcIWI1mhcN9pICAfDdxvgVwS50Mr_xOPO3uKDPPt2vuTtUbAicsvEiZnw1KMCmOS0dWu2VuymC43jUy1fkCAiXCdtdiRb4vuM&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=TNUtJvgSE5&p=https%3A//www.ihseb.net&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 27 Dec 2022 15:14:04 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 86E8 0
173 B 81ms
31ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIYuB2qrSa3OQEFl5ljTIC4&google_cver=1&google_push=AavPq0PnWpSp5BVql94HF2u0Q7VD18hlQvKGdNzOXJXi_K7YFxH-uza7XJLii_72UaUOZIelLKaPVRnCF7SQBwztJJoLHwQhF6EExQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3809175990604344&output=html&h=280&slotname=8764532422&adk=2170310943&adf=3185746672&pi=t.ma~as.8764532422&w=728&fwrn=4&fwrnh=100&lmt=1672154043&rafmt=1&format=728x280&url=https%3A%2F%2Fwww.ihseb.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672154043665&bpp=2&bdt=6505&idt=3&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=5454978248172&frm=20&pv=1&ga_vid=1678089032.1672154038&ga_sid=1672154038&ga_hid=155912533&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=74&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C44777506%2C31071168%2C44780792&oid=2&psts=ACgb8tsvRFOEtLEcIWI1mhcN9pICAfDdxvgVwS50Mr_xOPO3uKDPPt2vuTtUbAicsvEiZnw1KMCmOS0dWu2VuymC43jUy1fkCAiXCdtdiRb4vuM&pvsid=3405008221349952&tmod=1293095462&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=TNUtJvgSE5&p=https%3A//www.ihseb.net&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86E8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOGNGxl-KUUH4E9Iiu9HF1Q&google_cver=1&google_push=AavPq0PApNF-74MsqJcRus0Y-DCVfVMe3Fxep7W8BbY1b4deRKHH6pUrn9A-mEnrgWTShAOdy7B57-MpPSys9Pv98RPt2PA...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PApNF-74MsqJcRus0Y-DCVfVMe3Fxep7W8BbY1b4deRKHH6pUrn9A-mEnrgWTShAOdy7B57-MpPSys9Pv98RPt2PAMsbYpOQ&google_hm=eS1LTUlyblV4RTJwSGtz...

170 B
232 B

331ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PApNF-74MsqJcRus0Y-DCVfVMe3Fxep7W8BbY1b4deRKHH6pUrn9A-mEnrgWTShAOdy7B57-MpPSys9Pv98RPt2PAMsbYpOQ&google_hm=eS1LTUlyblV4RTJwSGtzUDB0bERBMjRpbmdCSnR6T2g1Yn5B

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 15:14:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 27 Dec 2022 15:14:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PApNF-74MsqJcRus0Y-DCVfVMe3Fxep7W8BbY1b4deRKHH6pUrn9A-mEnrgWTShAOdy7B57-MpPSys9Pv98RPt2PAMsbYpOQ&google_hm=eS1LTUlyblV4RTJwSGtzUDB0bERBMjRpbmdCSnR6T2g1Yn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86E8
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDs1epz736rHlUe-KelGeK0&google_cver=1&google_push=AavPq0Mq9m7_BWdTCaAjBPFmdF_-RT-oBP2C0l-pO6b9SMlSuBPoEJQTkpALwTMD89XnFVhN7Lh7crPRIqba04p0VXwH_w-...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDs1epz736rHlUe-KelGeK0&google_cver=1&google_push=AavPq0Mq9m7_BWdTCaAjBPFmdF_-RT-oBP2C0l-pO6b9SMlSuBPoEJQTkpALwTMD89XnFVhN7Lh7crPRIqba04p0VXwH_...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Mq9m7_BWdTCaAjBPFmdF_-RT-oBP2C0l-pO6b9SMlSuBPoEJQTkpALwTMD89XnFVhN7Lh7crPRIqba04p0VXwH_w-FgDq5Qw

170 B
232 B

330ms
29ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Mq9m7_BWdTCaAjBPFmdF_-RT-oBP2C0l-pO6b9SMlSuBPoEJQTkpALwTMD89XnFVhN7Lh7crPRIqba04p0VXwH_w-FgDq5Qw

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 15:14:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Mq9m7_BWdTCaAjBPFmdF_-RT-oBP2C0l-pO6b9SMlSuBPoEJQTkpALwTMD89XnFVhN7Lh7crPRIqba04p0VXwH_w-FgDq5Qw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86E8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBZvI7X_8Wjjzd1lIif7KDs&google_cver=1&google_push=AavPq0Nj-0TtCMd-L-PmJk0hUP57C3lHh-MS5-UN-YrXvX6IhSoBPraQgyrQnmY5SMmsil9JpeE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM2RENFNVYtMi1BMDg1&google_push=AavPq0Nj-0TtCMd-L-PmJk0hUP57C3lHh-MS5-UN-YrXvX6IhSoBPraQgyrQnmY5SMmsil9JpeEtlA8bxCwRycXUoAJT2nk3Xx1UkA

170 B
232 B

332ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM2RENFNVYtMi1BMDg1&google_push=AavPq0Nj-0TtCMd-L-PmJk0hUP57C3lHh-MS5-UN-YrXvX6IhSoBPraQgyrQnmY5SMmsil9JpeEtlA8bxCwRycXUoAJT2nk3Xx1UkA

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 15:14:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM2RENFNVYtMi1BMDg1&google_push=AavPq0Nj-0TtCMd-L-PmJk0hUP57C3lHh-MS5-UN-YrXvX6IhSoBPraQgyrQnmY5SMmsil9JpeEtlA8bxCwRycXUoAJT2nk3Xx1UkA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86E8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-tZsXZgQszG_VnzzugIIU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK-tZsXZgQszG_VnzzugIIU&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-tZsXZgQszG_VnzzugIIU&google_hm=Y6sLvClZHHiU_zRB-cgmmgAABLsAAAIB&google_nid=index&google_push=AavPq0ONCBa7nZndPbrcP9P_aw4CvmjiGejeo...

170 B
232 B

332ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-tZsXZgQszG_VnzzugIIU&google_hm=Y6sLvClZHHiU_zRB-cgmmgAABLsAAAIB&google_nid=index&google_push=AavPq0ONCBa7nZndPbrcP9P_aw4CvmjiGejeoIBAKRmnaE1h3rY4Y5XpxmfRszQURAhESpfX3YsK1H6h8L_Oii0KXuVZJNwFSTIV1A

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 15:14:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Dec 2022 15:14:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQdOV80lZCuZYW83N7wItKtcWiUNkf5KfIS2%2FL%2B9jMBKW83krzqNGZ8sFMEY9lzALeef9KynBPcuBJDpjz4qgyZuVuTji6GH0tltbjvEjJMxi2xcEhR7RTUkq3sS7CZy4ZtU%2Bv2Y5GiSZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-tZsXZgQszG_VnzzugIIU&google_hm=Y6sLvClZHHiU_zRB-cgmmgAABLsAAAIB&google_nid=index&google_push=AavPq0ONCBa7nZndPbrcP9P_aw4CvmjiGejeoIBAKRmnaE1h3rY4Y5XpxmfRszQURAhESpfX3YsK1H6h8L_Oii0KXuVZJNwFSTIV1A
cache-control: no-cache
cf-ray: 780300fa9ae1901c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86E8
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF3s2IRpD5NAbyxmUqLjJqQ&google_cver=1&google_push=AavPq0MQ439JS5EbO7xLeAaXQXo8PwCe9X73KLBJJGlYaB_B_Plo02a9V2Wan_ufrNERVQqkEtTT8POMwbyBIECG...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MQ439JS5EbO7xLeAaXQXo8PwCe9X73KLBJJGlYaB_B_Plo02a9V2Wan_ufrNERVQqkEtTT8POMwbyBIECG9QmfiV2ID6YTJg

170 B
329 B

29ms
29ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MQ439JS5EbO7xLeAaXQXo8PwCe9X73KLBJJGlYaB_B_Plo02a9V2Wan_ufrNERVQqkEtTT8POMwbyBIECG9QmfiV2ID6YTJg

Requested by

Host: www.ihseb.net
URL: https://www.ihseb.net/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 15:14:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 27 Dec 2022 15:14:04 GMT
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MQ439JS5EbO7xLeAaXQXo8PwCe9X73KLBJJGlYaB_B_Plo02a9V2Wan_ufrNERVQqkEtTT8POMwbyBIECG9QmfiV2ID6YTJg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: DdIOu0wST1VQ5uxHdHxfyPF4rNEc-keZyV3-RbWpOmxeLI-rjTF7kQ==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 86E8 0
223 B 99ms
27ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeUReGD1dhyv2qohSU2soMRYnPbWwumSrop5ZhqkyfyP9uegjnpR8teR5nRNCZS3gYdbfj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F042 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 326000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F042 15 KB
16 KB 74ms
25ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 80952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F042 15 KB
15 KB 89ms
42ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 415909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:42:15 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 97C2 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 23:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 23:24:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81DB 42 B
64 B 172ms
127ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPqXdbzlNtceacYGr-fSeKyHIf2P3QyKqsuk1kdByHPEdZbe5Sf-0UGkTV1N1aQFCk5SwFvqWaVqKLzlq2tvMHTyHC-1EdlfxQWZfayYLwctVMC5rLx3rm9Ap1ujKFs9WlIdGnsQ&sai=AMfl-YT1q2yRh5VWAfntTgd-5bbp5uJhWfbYgGeylbg_D65SlSkTUcdeNG8xcYshNv7O0KPOFc7dZvD2wqdkveY&sig=Cg0ArKJSzGR0KOZj05clEAE&cid=CAQSGwDq26N9SpWNIRNG-DzYBcyshKdsXNEgM9SmvBgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,769,1000,1119,1277&tos=84,685,231,119,158&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3046330951&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672154038198&rpt=357&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 15:14:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F042 42 B
64 B 134ms
133ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxaY6Osx8IiMnMMTgQqGDpeDk1ESj9uLvKLwnv-zH9wru3rwYpQA-q8MLATAkO5fVG9Q9PFL827OPpaS_m5KQjvRFDu98ZT3ZBnYIC0WVuh0l7CM5el2-lW3CnYNNQDdkFikU98A&sai=AMfl-YQFdNOVi2HoZUD8f6ienQf1bAL642WOOdkz8ngAUaJI2QyVfvdhbe_eLqr_B09XM8cs0Wg6cFxK4J8UY1z4KQlv_-e96JM4yORXGg&sig=Cg0ArKJSzAAx-mjvPU8rEAE&cid=CAQSKQDq26N9BRzfOd6vWY8cLwSH_8p7mL3k13t3J7zn6vnI5WNCvbOWYTu7GAEgEw&id=lidar2&mcvt=1000&p=0,0,280,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2170310943&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672154043675&rpt=518&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 15:14:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 64ms
64ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57ebfc644061dab736c2c91312ca527ebb65170fe3d1b5ada833e2d5d8dc7d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11129
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 91ms
91ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 15:14:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07E5 13 KB
5 KB 33ms
32ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ihseb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 567333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:38:33 GMT
expires: Thu, 21 Dec 2023 01:38:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F007 783 B
534 B 32ms
31ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

729414e116fc780f3b9b1ee56a19fe3394dc8f075fe7a69066dabc156763b326

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2ZZGQhrSJvZGR9InCnLRhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ihseb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-2ZZGQhrSJvZGR9InCnLRhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 15:14:06 GMT
expires: Tue, 27 Dec 2022 15:14:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F007 0
0 121ms
121ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3405008221349952&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 07E5 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 23:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 23:24:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 07E5 0
11 B 32ms
32ms Image
text/plain 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Zcs76A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:14:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 127ms
126ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3405008221349952&bg=!5Oel56PNAAYgquz3AKo7ACkAdvg8WnMCqMKfdbXkjN6BiEx-tC0u6VmOjtC8mAk8Gd0nt1AUTBMm7AIAAABfUgAAAAJoAQeZAso88RbiM89Sop4R7f4ZVvJIjJePd65l_cPVHidnHZzUmduH5mmKGRJ48xxVhcN8tGWizlNoFc8SUg_QtK-Al3l7z61BDivt-Iesv1GxF2ngOxWFN4c_PZSHwM3HgNVebXVqZVUTT_G78QRui2xdRQsU0fnsaIj9iQX1TYj99W9lW6ngVW5SC-1FOrvJ057g57G8-HWxG9uDYODLN_O9LhC6lJiJLCjKY9vSxMrbfcKM_zevw68vYLkiVWlBJrjY-AjFl7jAvf_SM8kX-WjySVk8nCp91lMbN_RV9CqhQKVywJwQWEL5gjyNw-k4BCm-YKB2Q2QnnSqAcQfPq9jnE9BiM6vYZqKBiHB2ADDaSVhRM8uwMd-xDnPUnJ42x9sKXUNO1r-6cf84XKeX2HF8UUMxidbWolnYnv1XMNr2T9aJUKkOfiGDX-wEaT2thuo_WWQBop-iWJ3e7hcJd6-spPFAE64nyf8ZEQ36oul4sJI4yUzuMuBXGfS9QjK0iv-84g9Sw6QuWZkz2Tzgcv1bX6GzfQfokk-pITVZ2f1cNdX0Swzaz4O3ZvXKjeD_tqt5jnJzl4htWalE5vDGvzui-pFNrinlTEt-jI3aVeiADYP9z-6B72cK-En9GmGGhmoWD5yAG1DfTf7Uuo6x92gBbFfzl4_4Ur7Lv0CZ6xSUxIDkmnh-AwCHhXI210ehfDiv7Mm285cumz9RZJ7-lIdRcc9-oSRFbAPSPhc_j-MphklbPbV5RUHUL7KZxEMPZ0fUOW9e386P4i1vNLNTtB5jOCp1t492mOwPa8knv7OHnWZVgd-Ojpq0wePHcOh5cGGPwrYoOTPablZSBjFZTqkiiBD0FFYBBXX--0ObcAoMIip6FIsR4FHkhCRFxuW7cp1_fEE-q-p30AHqSmmTLrinb9ZTNOtnIbw-4YMpbAyJLAV88qcdL8p8U9BmsZM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ihseb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 17:50:50	Name: IDE Value: AHWqTUnMrqdFiNguMWhR7Kb4OzgQXVnWbK1b9ngz7GWbh4o9zFhnjAglIjncfLpQvyw
.doubleclick.net/	1970-01-20 08:29:17	Name: DSID Value: NO_DATA
.blismedia.com/	1970-01-20 17:14:54	Name: b Value: 63AB0BBC51AB7E4A43096746BLIS
.casalemedia.com/	1970-01-20 17:14:50	Name: CMID Value: Y6sLvClZHHiU-zRB.cgmmgAA
.casalemedia.com/	1970-01-20 10:38:50	Name: CMPS Value: 1211
.casalemedia.com/	1970-01-20 10:38:50	Name: CMPRO Value: 1211
.de17a.com/	1970-01-20 17:07:38	Name: guid Value: 1.1274248317676258313
.yahoo.com/	1970-01-20 17:15:11	Name: A3 Value: d=AQABBLwLq2MCENnIZS4tDh21uoSgwdzuZ5YFEgEBAQFdrGO0YwAAAAAA_eMAAA&S=AQAAAl53KiPd-FNrLeOVQM5BO1o
.casalemedia.com/	1970-01-20 10:38:50	Name: CMTS Value: 5149

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=3046330951&client=ca-pub-3809175990604344&fa=1&ifi=3&uci=a!3&xpc=xlIYkLlOGR&p=https%3A//www.ihseb.net Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=3046330951&client=ca-pub-3809175990604344&fa=1&ifi=3&uci=a!3&xpc=xlIYkLlOGR&p=https%3A//www.ihseb.net Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
s.ad.smaato.net
sp-ao.shortpixel.ai
ssum-sec.casalemedia.com
tpc.googlesyndication.com
tr.blismedia.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.ihseb.net
104.18.33.19
142.250.185.130
162.144.13.179
213.155.156.182
2400:52e0:1e00::865:1
2600:9000:223f:ee00:1b:5138:8a40:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:400d:802::2002
2a00:1450:400d:803::2002
2a00:1450:400d:806::2002
2a00:1450:400d:808::2001
2a05:d018:d29:3605:db2f:b9cd:e64:dd58
34.96.105.8
69.173.144.139
98.98.134.243
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8b9e4d48e3ef9e86099894aa2326d3c71380881cf1a3800880042cc0f35b26
0cc7740c9468aaae51503c1e2a06376b3c946ff587e8eddf5265f92fd5508b2c
13fb711e28c731a49b07a30e0b2f908026190e8a9754f85dfeaea68f28d7c8db
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1e09fbe47395274b7b2ac7c6c0d2470611f1a7b149bda29b8c1f6f4b2482f999
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36ec8e8c702a4c1b69be799c1294e730360eb146f1ec77ec8272528fdc4e3c17
4b53fbb2283de6a9c21ca514fb42b139067798fdac0c49423818190ac6b4aa61
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ebfc644061dab736c2c91312ca527ebb65170fe3d1b5ada833e2d5d8dc7d17
5a21fed4e0ec79d95721780eb4dd1ec1fe30e22b44341871e1c52e1a430ea693
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
610efc3d48050e9b8377e541b5ce93025ebefe3a08a6ff308e177794da53ca6a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6244e4496acd309118dc6e967a374ede63054d78a489c649e561af1d68bdee5f
63cabd6937f8e89a36dfd1961358988b60c6065a0495138d4b118cb430a83d93
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6d430b555046a6c395cc907abdae29818575ae203787c149a3ddfa73b5015510
729414e116fc780f3b9b1ee56a19fe3394dc8f075fe7a69066dabc156763b326
780999932b4cbfbfee9b0a107787794c73ae96b6f50ca596de6334d2cc805e21
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
93c065c4af38138c3013e2d62b0a65d60e85b6593ee21ff1eed35208c5f6ba12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a1fa693f644eaf248f70d2e5097760f9bdc6a6aa81dafb9b7936d33df87af442
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c7b16ee96fce1a4afaaf1c2a40faf5665aa6ef4ca08857841680e2cbc73aa1e8
d254aeeaa093cde5767602c8d256f6c697d089e02b6ca446507977cf6dd57c24
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dd18d153b6fe7818baa53581dbecb71b0698da3b36ad61a43e927a4514d33fdf
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5d9b58687c2c048eb8dac8e60c1f58dea2073a82f8faac85915d0924645d459
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb7374647b668b25a0c7b0a276014c604dfa7f3d566459506bacfaafe3e15520

www.ihseb.net Open in urlscan Pro 162.144.13.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

88 %HTTPS

67 %IPv6

17 Domains

21 Subdomains

16 IPs

6 Countries

849 kBTransfer

2344 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ihseb.net Open in urlscan Pro
162.144.13.179 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

88 %
HTTPS

67 %
IPv6

17
Domains

21
Subdomains

16
IPs

6
Countries

849 kB
Transfer

2344 kB
Size

9
Cookies

83 HTTP transactions
2 data transactions