www.firmasec.com Open in urlscan Pro
2606:4700:3032::ac43:ab76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://firmasec.com/
Effective URL:
https://www.firmasec.com/
Submission Tags: analytics-framework
Submission: On April 21 via api (April 21st 2023, 10:51:48 pm UTC) from US — Scanned from DE

Summary HTTP 268 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 9 countries across 36 domains to perform 268 HTTP transactions. The main IP is 2606:4700:3032::ac43:ab76, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.firmasec.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 13th 2022. Valid for: a year.

This is the only time www.firmasec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	2606:4700:303... 2606:4700:3032::ac43:ab76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
14 37	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
7 13	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 10	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
29	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
2 4	34.254.57.28 34.254.57.28	16509 (AMAZON-02) (AMAZON-02)
3 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 4	18.185.64.131 18.185.64.131	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:3546:3733:b35c:dc5d	16509 (AMAZON-02) (AMAZON-02)
2 4	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2600:9000:223... 2600:9000:223f:4400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:972c:3399:2ba8:5a4e	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
10	2600:1f18:1ac... 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
268	35

24 2606:4700:3032::ac43:ab76 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

firmasec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.firmasec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.181.226 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.80.39.216 (Canada) 7 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.82 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.254.57.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-57-28.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.185.64.131 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-64-131.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:3546:3733:b35c:dc5d (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.217.42 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:4400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:972c:3399:2ba8:5a4e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	805 KB
66	doubleclick.net 15 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	303 KB
29	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	483 KB
24	firmasec.com 1 redirects firmasec.com www.firmasec.com	529 KB
18	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1049 static.adsafeprotected.com — Cisco Umbrella Rank: 820 dt.adsafeprotected.com — Cisco Umbrella Rank: 738	197 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	9 KB
13	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130 mts0.google.com — Cisco Umbrella Rank: 7294	12 KB
10	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	11 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	176 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1265 q.clarity.ms — Cisco Umbrella Rank: 9771 c.clarity.ms — Cisco Umbrella Rank: 1901	22 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	341 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 1341 r.turn.com — Cisco Umbrella Rank: 4617	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	5 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1703	919 B
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
3	travelaudience.com 3 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7904	892 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 908	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1248 s.tribalfusion.com — Cisco Umbrella Rank: 2774	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6958	652 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	487 B
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 453	17 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 413	737 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	717 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	104 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	459 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062	584 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 1007	98 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	874 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2258	297 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2823	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50702	611 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	546 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	602 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	19 KB
268	36

	Domain	Requested by
49	pagead2.googlesyndication.com	www.firmasec.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
37	cm.g.doubleclick.net	14 redirects googleads.g.doubleclick.net www.firmasec.com
34	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
29	s0.2mdn.net	www.firmasec.com s0.2mdn.net googleads.g.doubleclick.net
23	www.firmasec.com	www.firmasec.com
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.firmasec.com googleads.g.doubleclick.net
13	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
10	dt.adsafeprotected.com	googleads.g.doubleclick.net
10	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
8	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	googleads.g.doubleclick.net
6	googleads4.g.doubleclick.net	www.firmasec.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	www.firmasec.com googleads.g.doubleclick.net
4	static.adsafeprotected.com	googleads.g.doubleclick.net
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	pm.w55c.net	4 redirects
4	fw.adsafeprotected.com	2 redirects www.firmasec.com
4	q.clarity.ms	www.clarity.ms
4	fonts.gstatic.com	fonts.googleapis.com
3	image6.pubmatic.com	3 redirects
3	ads.travelaudience.com	3 redirects
3	r.turn.com	www.firmasec.com googleads.g.doubleclick.net
3	ad.turn.com	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	c.clarity.ms	1 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	mts0.google.com	googleads.g.doubleclick.net
2	ssl.google-analytics.com	1 redirects www.firmasec.com
2	www.clarity.ms	www.firmasec.com www.clarity.ms
1	c.bing.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.firmasec.com
1	stats.g.doubleclick.net	1 redirects
1	cdn.jsdelivr.net	www.firmasec.com
1	firmasec.com	1 redirects
268	51

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-01` - `2023-05-08`	2 months	crt.sh

This page contains 38 frames:

Primary Page: https://www.firmasec.com/
Frame ID: F64ACAD1D2F8389BAC8B3C20D95064BF
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: DBB59867AC38D3D19FE50E4D924B2E5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&adk=1812271804&adf=3025194257&lmt=1682117501&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.firmasec.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117500812&bpp=8&bdt=277&idt=238&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6687256338316&frm=20&pv=2&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=276
Frame ID: A55B9324E6538499AFEC86964F734856
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117500820&bpp=1&bdt=285&idt=278&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YDKZjbBgsm&p=https%3A//www.firmasec.com&dtd=281
Frame ID: 5DB52B839701268D89E7CCE9B7A1B62D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Frame ID: B4D780B0030F6198CC751DAF7FF27F62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33
Frame ID: 63023DD6F5CA72B1234E9D6CAB58967D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Frame ID: F192C0E163AEBC488283FA385196BC1C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42
Frame ID: 3D97F2047624232FA7D9C0DE27BDE54D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 337CBF1B5AED093FE5A8E52FD9E216C2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 703E0D6F4AAC6FE8AF9D3E23F225AEC5
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D2E1568A778A6D826B11C3B399FF2137
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E317F15959F2A8596BA1DC80543A8902
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 06C002666A5D5FDD5FB6E860B475B0CE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjPyrHlATAB&v=APEucNWHXaBBk0zWTrDrjTZdKyE91RG93GkWXyEcVdyl1kDEdfLqYJt5toCNCVsehZglVD8-OMBt-rWT94WmrnKWAMXg3ijTXQSaJjnSYKTKIDMj__PBsepPoHiZPaiyBEGOAmIkrxrq4iIodYqNMl0RN4JLhMSIRZlZaMyCP-YWbM8xpiwanIo
Frame ID: 347C495AF15836886474BDA6D79419C2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 94C5136186BE7482C63FC85A7E13A61A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWrBIwM_3DulhrpiQ-okpr7M-mWOA5Oyf70EjekbOGd8d-0IovkePkHCFbBPXxQaAQJrfh-JzXFOKGKuuHlnUP8cOdo0JyaMmyHf-GPaolqOsKo3u_xUqMteyqQG3AihPdNINquRZcdkTeeCS-iBXoG6zhUkLd-xaUkdOYk_qftMjmfrGI
Frame ID: 595E8078621688B3A733B9CFD3950AA6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: BF29923207A7AB931C72503CC7DEB6C9
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWDdzv2lbMc_dDrsEcqUwpzObKScMcEcb8esT3wMWQ9uU80tq9ODQo74BOifz5ioLBeMzNbtNWzfpCUe2Q3zS18c_AhCW1s0g89UCLtAJL6LCryM9lWy0yHuzcQZ8hFOxbfrGwKgMG-f9uUhdonihMI8byUF7BZyXFf-CrBZi919gm-8iE
Frame ID: 2302310967199A7E040168D4A5AD06B3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CF5E882DD3EE85E7FDC52607EABFA031
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: 60353CA6F7D8267BE765907E18AFDF1C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: 31561937266BC6C19DF829940C1725BF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: 627A075CD0CF286F6E2A12B52BF0C4DF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32FD7C6C9FA5899EFE77FC889C523E98
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3EC6D5C6D21E76DE9E464C05F32F4ED
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247
Frame ID: 2B3AC5C5E4E1FAEC814C12D806CCFC43
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A049046E371457D10B034142C76A730
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: A3D3320C3914BF6B8358BEFEE176A90E
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
Frame ID: 7712BCCA04291EFB751CB1979BC73428
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CBE5F4F8843BC0DD0D2BC0D138EAD13D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AC11F78EEDBDAF34B4AD35485F88E655
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DDBBA58F906606D9D8F1EDDC0C30E15A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
Frame ID: CBD675F009AA2421673BAD1552BC6D9C
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8169B2A8392B6DFB8050B17A1B77A74C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3A97153D21C003F653183FBEA0EAB883
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F771C565B400DC3CF6C3339ED7CD817
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: A63551CB5067329E4DBA218B4830D7A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 104573676139B8902EC0438A4C4D2809
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D9D3B7DD3464D7C24D0F05A243E6482
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Firma seç / firmasec.com

Page URL History Show full URLs

https://firmasec.com/ HTTP 301
https://www.firmasec.com/ Page URL

Detected technologies

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

leaflet.{0,32}\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

268
Requests

86 %
HTTPS

55 %
IPv6

36
Domains

51
Subdomains

35
IPs

9
Countries

2916 kB
Transfer

7723 kB
Size

46
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/firmasec

Search URL Search Domain Scan URL

URL: https://twitter.com/firmasec

Search URL Search Domain Scan URL

URL: https://www.instagram.com/firmaseccom

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://firmasec.com/ HTTP 301
https://www.firmasec.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=816033033&utmhn=www.firmasec.com&utme=8(Ana%20Sayfa)9(Ana%20Sayfa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Firma%20se%C3%A7%20%2F%20firmasec.com&utmhid=1768290670&utmr=-&utmp=%2F&utmht=1682117500959&utmac=UA-54841386-1&utmcc=__utma%3D13758880.1844569112.1682117501.1682117501.1682117501.1%3B%2B__utmz%3D13758880.1682117501.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1568391337&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54841386-1&cid=1844569112.1682117501&jid=1568391337&_v=5.7.2&z=816033033 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1844569112.1682117501&jid=1568391337&_v=5.7.2&z=816033033 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1844569112.1682117501&jid=1568391337&_v=5.7.2&z=816033033&slf_rd=1&random=3784517825

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1&C=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMTfvgRyc4OB6sMNovXaQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHqktao7O_Siy3QCilsBXW8%26google_cver%3D1

Request Chain 106

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMTfvgRyc4OB6sMNovXaQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1

Request Chain 140

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

Request Chain 142

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMTfvgRyc4OB6sMNovXaQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1

Request Chain 144

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

Request Chain 165

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1&google_push=Aer7DvI5xUM2mUZ1y4-si76yh9dEw9QaQ3io0z_xz396WsoYxlFCCnW-3A1uXB4uCtZse0ZB4U0MOk-28n7lji1lHnlWkITdJZn_39E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzODc0MjI0ODM0OTE5NDE5Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1

Request Chain 166

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED_rZLMWl6zB03znKO3R8RI&google_cver=1&google_push=Aer7DvLTDdSqrOXbKaRluLW2UiiK9Mewmyt4jOuSgOg1AxOOyJl_FQU0WPjADLZSw575eW9HbHkpcBL6yrrETtXhQ6H14m7w0hBO888 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED_rZLMWl6zB03znKO3R8RI&google_cver=1&google_push=Aer7DvLTDdSqrOXbKaRluLW2UiiK9Mewmyt4jOuSgOg1AxOOyJl_FQU0WPjADLZSw575eW9HbHkpcBL6yrrETtXhQ6H14m7w0hBO888 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESED_rZLMWl6zB03znKO3R8RI&google_cver=1&google_push=Aer7DvLTDdSqrOXbKaRluLW2UiiK9Mewmyt4jOuSgOg1AxOOyJl_FQU0WPjADLZSw575eW9HbHkpcBL6yrrETtXhQ6H14m7w0hBO888

Request Chain 167

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBZZiHjta8r659Xl4wHIPTU&google_cver=1&google_push=Aer7DvK9VuYTapvEy-fyygD4NXtB2Fux865r6RFNY7DqoQNO0BKrm4JDDxBIeWVGQEcoBxbwfRZF-IzcEXwo3-XhwNXBuGBNC2IIDB0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBZZiHjta8r659Xl4wHIPTU&google_push=Aer7DvK9VuYTapvEy-fyygD4NXtB2Fux865r6RFNY7DqoQNO0BKrm4JDDxBIeWVGQEcoBxbwfRZF-IzcEXwo3-XhwNXBuGBNC2IIDB0

Request Chain 168

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJy_gGruDke2JGnO-pcypWc&google_cver=1&google_push=Aer7DvLf9sWXugOD_RrORSAjRjewRSFw-WphnXaEzLyAZiBmHik7sIMUJWesWxn5wBJnKTTckG6QzP3t4WX136wcHD_RB8B5oZWiOl0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLf9sWXugOD_RrORSAjRjewRSFw-WphnXaEzLyAZiBmHik7sIMUJWesWxn5wBJnKTTckG6QzP3t4WX136wcHD_RB8B5oZWiOl0&google_hm=4smV059iSFiPlMwN_C3-9BY

Request Chain 169

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBtTh_8nQOawAntVLrGMuBo&google_cver=1&google_push=Aer7DvKSpe-CfvP96e8H2IXkU9Wo40vbTePH9yVB2oVF44veIMjnyPwcLP3w-25GneG2UAtuUq22sMr8MspAjynRiqLc9qwZ4i1jIxc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvKSpe-CfvP96e8H2IXkU9Wo40vbTePH9yVB2oVF44veIMjnyPwcLP3w-25GneG2UAtuUq22sMr8MspAjynRiqLc9qwZ4i1jIxc

Request Chain 171

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC_uWLvEu1hJO4NKkiGw7ME&google_cver=1&google_push=Aer7DvJJfteYohJATlJ94vH4df5dZzeuhcyZC_N8dcP9hfs2sIYxWzeUI7mINzpK1JoRhKEkYSljZVK58_7tQ_U97lFl7zwcuZxevg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC_uWLvEu1hJO4NKkiGw7ME&google_cver=1&google_push=Aer7DvJJfteYohJATlJ94vH4df5dZzeuhcyZC_N8dcP9hfs2sIYxWzeUI7mINzpK1JoRhKEkYSljZVK58_7tQ_U97lFl7zwcuZxevg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=viRYixRjQmyS1UGp9GJ2Rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJJfteYohJATlJ94vH4df5dZzeuhcyZC_N8dcP9hfs2sIYxWzeUI7mINzpK1JoRhKEkYSljZVK58_7tQ_U97lFl7zwcuZxevg

Request Chain 186

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIE2p40tqy8LomdP5iYDDjQ&google_cver=1&google_push=Aer7DvLEzHSvdAc_9HGFg23BKhU3ssMdKOnbWJw4yM3mGOjC2k8RunTmgPsEY308J2vqvsznTecZKsqHD-XM_4PKHPqVg2KKLQirogI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESEIE2p40tqy8LomdP5iYDDjQ&google_cver=1&google_push=Aer7DvLEzHSvdAc_9HGFg23BKhU3ssMdKOnbWJw4yM3mGOjC2k8RunTmgPsEY308J2vqvsznTecZKsqHD-XM_4PKHPqVg2KKLQirogI

Request Chain 188

https://d5p.de17a.com/cookies/google?google_gid=CAESEA8sRiKjFAvav5NfTbmHmxA&google_cver=1&google_push=Aer7DvLaxD1G9aQyGyo6m4HR-XC1S2BOx5Cusn8m2VBkdMPS9hgOfu1Ayh3Monz4AErH9jPsNFa-P52EgZ0QZYwEJGFup9AQE3SeCXw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEA8sRiKjFAvav5NfTbmHmxA&google_cver=1&google_push=Aer7DvLaxD1G9aQyGyo6m4HR-XC1S2BOx5Cusn8m2VBkdMPS9hgOfu1Ayh3Monz4AErH9jPsNFa-P52EgZ0QZYwEJGFup9AQE3SeCXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLaxD1G9aQyGyo6m4HR-XC1S2BOx5Cusn8m2VBkdMPS9hgOfu1Ayh3Monz4AErH9jPsNFa-P52EgZ0QZYwEJGFup9AQE3SeCXw

Request Chain 190

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBVsj28FAwb1-FScG1gEJso&google_cver=1&google_push=Aer7DvIh7scTBFSlTN8aicwjvDfNlOVJKq-VsLfcyTEvhErn1KPfH2vWlE40IH69euONI1byH7P-PHZ1CGw3k3x0tzP7T8IEcci0CA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=viRYixRjQmyS1UGp9GJ2Rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIh7scTBFSlTN8aicwjvDfNlOVJKq-VsLfcyTEvhErn1KPfH2vWlE40IH69euONI1byH7P-PHZ1CGw3k3x0tzP7T8IEcci0CA

Request Chain 192

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEyJVn-G8EDxz2NeLQBgIms&google_cver=1&google_push=Aer7DvIObbtSCEvF92hK-zvPKQmqdHavf56Ny17AymftViBzsliUCqdpqNA9AVokogQBSSOo5BUHIdwqvWdYibLGO36wIE8NkYtMDmc4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvIObbtSCEvF92hK-zvPKQmqdHavf56Ny17AymftViBzsliUCqdpqNA9AVokogQBSSOo5BUHIdwqvWdYibLGO36wIE8NkYtMDmc4 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 205

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI7EWVo-AeiATmjDxeD31Yo&google_cver=1&google_push=Aer7DvJ0voVQurpahVu7swW_gI23L7X0QKxvrpCQswI_LP8BQYMa74qiKt_7ac4FPyTNhCEHjeo5TFkkD9R3u8tK_ViS1JL6jxzYNW4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzODc0MjI0ODM0OTE5NDE5Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1

Request Chain 206

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGSvnQj04cPSZi1hL_wuYq4&google_cver=1&google_push=Aer7DvJDOhkprDMvVkP7BkG6XDfAeLSiCmugrp4evjSCGNf3DrvaLa2cqb3wEYiLgg5St4sf98Oc1y1_-GlFZAeD3VU7wO25ELYq-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJDOhkprDMvVkP7BkG6XDfAeLSiCmugrp4evjSCGNf3DrvaLa2cqb3wEYiLgg5St4sf98Oc1y1_-GlFZAeD3VU7wO25ELYq-w

Request Chain 207

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBKFgtjWgNtL-COylOeB5LU&google_cver=1&google_push=Aer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xDvU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xDvU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBKFgtjWgNtL-COylOeB5LU&google_cver=1&google_push=Aer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xDvU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xDvU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 209

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELrtJ8cyOk6TZ5hEJUn1SD0&google_cver=1&google_push=Aer7DvLB0zuy2uYpu10OmXNPW2nV79ii_WS2PgyoJXUr1dclVsB9eQcqvQ36DL2FbIy4MYCl6pKe1mGbA28bQGVYE_gQyVnLaX95 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNDYzOTY2NzcxMzk5Njk1NQ%3D%3D&google_push=Aer7DvLB0zuy2uYpu10OmXNPW2nV79ii_WS2PgyoJXUr1dclVsB9eQcqvQ36DL2FbIy4MYCl6pKe1mGbA28bQGVYE_gQyVnLaX95

Request Chain 210

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGn5du5KRlF9jwuojlVf9Ts&google_cver=1&google_push=Aer7DvLss9m6vb05z9RIiOgrHQMlioHBWk42hHUXwP76_5upNxbphtBgEoPFDV1vJgXkLQTCTjudfbah0gx42qdFaOuFTaBAaolCQ58 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvLss9m6vb05z9RIiOgrHQMlioHBWk42hHUXwP76_5upNxbphtBgEoPFDV1vJgXkLQTCTjudfbah0gx42qdFaOuFTaBAaolCQ58

Request Chain 211

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOxgkICXR_u_IcaOciRD1uQ&google_cver=1&google_push=Aer7DvJgwAjmUZ5Pt54hiI7t5Wqi2Y40fU_sRJuj8o3KnGpc6s8fOMXdsyo77X52uoP071p2c7ra-mw7O6_vaFW2bUpHiGW2JIrZfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdSNUJXQU4tMy0xOTZV&google_push=Aer7DvJgwAjmUZ5Pt54hiI7t5Wqi2Y40fU_sRJuj8o3KnGpc6s8fOMXdsyo77X52uoP071p2c7ra-mw7O6_vaFW2bUpHiGW2JIrZfw

Request Chain 213

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-7403327254807716&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.firmasec.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hMGvMvQBd1c8q0MOjOOlUF&adContainerId=brand_safety_fhNDZObBI86p7gP3iZzoDw&cbFunctionName=goog_wrapCb_fhNDZObBI86p7gP3iZzoDw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.firmasec.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.firmasec.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7403327254807716%26output%3Dhtml%26h%3D250%26adk%3D1455411326%26adf%3D763060771%26pi%3Dt.aa~a.1258418826~rp.4%26daaos%3D1682092429633%26w%3D313%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1682117501%26rafmt%3D1%26to%3Dqs%26pwprc%3D3732620310%26format%3D313x250%26url%3Dhttps%253A%252F%252Fwww.firmasec.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1682117501828%26bpp%3D2%26bdt%3D1293%26idt%3D-M%26shv%3Dr20230418%26mjsv%3Dm202304180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dce2af5b19d983254-22d81dd3a6dd00ed%253AT%253D1682117501%253ART%253D1682117501%253AS%253DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g%26gpic%3DUID%253D00000bee15ab7c32%253AT%253D1682117501%253ART%253D1682117501%253AS%253DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D6687256338316%26frm%3D20%26pv%3D1%26ga_vid%3D1844569112.1682117501%26ga_sid%3D1682117501%26ga_hid%3D1768290670%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1047%26ady%3D4961%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759842%252C44759927%252C44788217%252C31073967%252C31074025%252C21065725%26oid%3D2%26pvsid%3D2303875668733491%26tmod%3D1424983322%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D1%26fsb%3D1%26xpc%3DgP1lNsoTTR%26p%3Dhttps%253A%2F%2Fwww.firmasec.com%26dtd%3D26&adsafe_type=bed&adsafe_jsinfo=,id:f2149fca-cd67-43b7-7aa1-39fccfced598,c:asL9oz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-j84sr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tC6BCnz+11%7C12%7C131%7C141*.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:27,oid:15d69014-e097-11ed-9b84-a276b7f6e320,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 215

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-7403327254807716&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.firmasec.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hJvaOErZEWjZCHcaAkC2eC&adContainerId=brand_safety_fhNDZNf4K6bA9u8PpZ2PkAY&cbFunctionName=goog_wrapCb_fhNDZNf4K6bA9u8PpZ2PkAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.firmasec.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.firmasec.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7403327254807716%26output%3Dhtml%26h%3D250%26adk%3D1455411326%26adf%3D2366316601%26pi%3Dt.aa~a.1259055193~rp.4%26daaos%3D1682092429633%26w%3D313%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1682117501%26rafmt%3D1%26to%3Dqs%26pwprc%3D3732620310%26format%3D313x250%26url%3Dhttps%253A%252F%252Fwww.firmasec.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1682117501828%26bpp%3D1%26bdt%3D1293%26idt%3D-M%26shv%3Dr20230418%26mjsv%3Dm202304180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dce2af5b19d983254-22d81dd3a6dd00ed%253AT%253D1682117501%253ART%253D1682117501%253AS%253DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g%26gpic%3DUID%253D00000bee15ab7c32%253AT%253D1682117501%253ART%253D1682117501%253AS%253DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg%26prev_fmts%3D0x0%252C1200x280%252C313x250%252C373x280%26nras%3D5%26correlator%3D6687256338316%26frm%3D20%26pv%3D1%26ga_vid%3D1844569112.1682117501%26ga_sid%3D1682117501%26ga_hid%3D1768290670%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1047%26ady%3D4241%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759842%252C44759927%252C44788217%252C31073967%252C31074025%252C21065725%26oid%3D2%26pvsid%3D2303875668733491%26tmod%3D1424983322%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D7%26uci%3Da!7%26btvi%3D3%26fsb%3D1%26xpc%3D5sexCINS7x%26p%3Dhttps%253A%2F%2Fwww.firmasec.com%26dtd%3D37&adsafe_type=bed&adsafe_jsinfo=,id:be223e73-b08f-f7d0-dd20-f7dee8b33fa4,c:asL9pl,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-496xn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tC6BCop+11%7C12%7C131%7C1411%7C1412%7C1413%7C1414%7C1415%7C1511%7C1512%7C1513%7C1514%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:23,oid:15d690bf-e097-11ed-ae7d-a2b222e40cbc,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 219

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDL0OsYtr29rKzGzyBvD7FY&google_cver=1&google_push=Aer7DvK-KAu8KJz_fu7KQMNwVCug13zN7oz36tC4GpS4IxM92B2OFE_-oTSWFUVKuxlKBCX_UFrc1WTH7FluNXDXxN1cc96XTcf7AWpv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzODc0MjI0ODM0OTE5NDE5Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1

Request Chain 221

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDqWG5VUE_gtjIzTqnaG0UM&google_cver=1&google_push=Aer7DvLq6R4GU3ChSxLjdzWge5mxUB8InNDzeEFuSDqFvTlfltQBEe9jjGWkjmxadnOaQKDukDt5mBOKNatbuA9RE17nQcauwx7cwX9m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESEDqWG5VUE_gtjIzTqnaG0UM&google_cver=1&google_push=Aer7DvLq6R4GU3ChSxLjdzWge5mxUB8InNDzeEFuSDqFvTlfltQBEe9jjGWkjmxadnOaQKDukDt5mBOKNatbuA9RE17nQcauwx7cwX9m

Request Chain 222

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAh_LYAMiqAWCGhZLOZo5R8&google_cver=1&google_push=Aer7DvJitjPxSnxyvzohvB7voWhpOnilZDaPTQdAJ9E8bVn5sXKhGax9Pe99GNzzi8wz4DIQczqykrQKpv2CdES2wBZQ2psEtvyVG2w HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvJitjPxSnxyvzohvB7voWhpOnilZDaPTQdAJ9E8bVn5sXKhGax9Pe99GNzzi8wz4DIQczqykrQKpv2CdES2wBZQ2psEtvyVG2w

Request Chain 223

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHigcrZcovXglhaABsx2D9Y&google_cver=1&google_push=Aer7DvLrqf-PDOq98p54Mg9g4mLfjTY-EED1VJaamoAAV57z1TlkSAKRNHAwCSmnRoxBnHYDhWR9kjEQ7GDUHYQ25Y-KxNsG-9z59QYS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLrqf-PDOq98p54Mg9g4mLfjTY-EED1VJaamoAAV57z1TlkSAKRNHAwCSmnRoxBnHYDhWR9kjEQ7GDUHYQ25Y-KxNsG-9z59QYS&google_hm=eS0wYkVNcGdwRTJwR0JqSjBiR21LT2tMbEtkOFBRTjJsaX5B

Request Chain 224

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP3icq79RZfa_U2HcoKQVWs&google_cver=1&google_push=Aer7DvJi_j-vz1LnarTEmdOebQCXDUx0Cj6N7vPVdjI84Eevaeliw2bBCKBeCPl1wrU0arBgOjnYJ8vjM75ByKNc35acWMs5cr1y9OO6 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP3icq79RZfa_U2HcoKQVWs&google_cver=1&google_push=Aer7DvJi_j-vz1LnarTEmdOebQCXDUx0Cj6N7vPVdjI84Eevaeliw2bBCKBeCPl1wrU0arBgOjnYJ8vjM75ByKNc35acWMs5cr1y9OO6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk2NTk5Njk1MDU2NTE0MzA0NA&google_push=Aer7DvJi_j-vz1LnarTEmdOebQCXDUx0Cj6N7vPVdjI84Eevaeliw2bBCKBeCPl1wrU0arBgOjnYJ8vjM75ByKNc35acWMs5cr1y9OO6

Request Chain 225

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECh7kVMVfy893t1BNgTjlAI&google_cver=1&google_push=Aer7DvLKHcgneiDXsQLCD9zKeMzuwhu6Zsx7tH-GdVlL72Q1Ho-oe0WRfInLTsOiHD4Qre9uskhyhWip8KYXKzz3NrBG4LpPe82249GH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLKHcgneiDXsQLCD9zKeMzuwhu6Zsx7tH-GdVlL72Q1Ho-oe0WRfInLTsOiHD4Qre9uskhyhWip8KYXKzz3NrBG4LpPe82249GH HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 268

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2869AD5C51C7407CA9F3F7259918258A&RedC=c.clarity.ms&MXFR=3624E6DFCE6F654A3A2FF425CA6F6B0A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2869AD5C51C7407CA9F3F7259918258A&MUID=361B9E98A3B4617600338C62A2666085

268 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.firmasec.com/
Redirect Chain

https://firmasec.com/
https://www.firmasec.com/

131 KB
16 KB

260ms
240ms

Document
text/html

2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486e659b4fe80b650d0efa7bafea6e9e1a5f5152f50f5867a7d0d601d57eaf1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7bb93168df136901-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 22:51:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEW5XoyHq1veYAPZXEbyUAjNSllIURY1jnD%2FFJW21S9C16sDl2yg7wteXdZ4hVnbb3%2BlfeuVVPvWfHcC3VXvUwkH5pDp3127UaRC6G%2Bq3FJL3omWx5%2BxDLUxUh2DlDkESUWPQmWbnsDuuSTzSshy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7bb931687ec66901-FRA
content-type: text/html
date: Fri, 21 Apr 2023 22:51:40 GMT
location: https://www.firmasec.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3C9pTID%2Fdaq4S%2B24%2Bjdy5qHBUzsW8w1tbpIDO0UiI17HEl4Sm9lfvj2q6QxbrdLwBKZYxk4r5Qv0mRhclVQlOFqwQ8dNlxGlx2AFwIeFxuCnZscA8nI%2B7637J672hiBmlTQKyG1DZbsbyA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 logo.png
www.firmasec.com/assets/img/ 11 KB
12 KB 60ms
60ms Image
image/png 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firmasec.com/assets/img/logo.png
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fdeb84a665652d068eead6224d1ab22d3faf0653688456e79b6059198c49f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Feb 2021 00:45:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "601b43c2-2db9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BLDDmKsiKdEKAOTUYcdOekzAgmj54ZXNhgDkxH3jUN1gSd%2FgjzUTXhrnK%2Ft3EzFD64l9zx4cWp45tcbMbbmDo3Z9ihRV0RJFvv86d2EN0DHC4eNZEPMu19oXThhnnaKGlCOFrvPGWo0aM5EhjXr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7bb9316a885e6901-FRA
content-length: 11705

GET
H2 200 logo-icon.png
www.firmasec.com/assets/img/ 10 KB
10 KB 59ms
59ms Image
image/png 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.firmasec.com/assets/img/logo-icon.png
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea37a3c0fc392d4f0f76a43d5d880c6844be27863d19278649194cdc059ba8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 18 Feb 2021 13:24:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "602e6a99-26b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVHeleSDDNIdSZ2U%2BhexCCbQ2MhoHxXTS5r4wPnwW1bEhrq23%2Bqdcz01kjzbBa4qdlpJ3Ld4vRUoEqPbDy1GfNkAKXeqfxNGkJyQKnkLredq85VTo54%2Bb5j%2BEgqrGFdHMq%2FEu8srEIV7dIYBRsJs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bb9316a88606901-FRA
content-length: 9907
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 124ms
71ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7403327254807716

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90e3f2457aad69aadfa67e68e8a5cf3408fe5b4be2acc212e0831847b963cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47405
x-xss-protection: 0
server: cafe
etag: 5352346845650357435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:40 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
www.firmasec.com/web/scripts/ 87 KB
32 KB 32ms
30ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/jquery-3.6.0.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38169
etag: W/"624a0df9-15d9d"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ItzwTEavNhaJX0SDpKF4lhYlCByaDwfHr33YE9tJ8mdAmX0lAAslW54h4uQ%2BtibObPMJVyZblxYwQSzTn8cQKqfO2KkCH4Zg1iRNCSAw0y2JBN5kHwNWqu%2FE%2B%2FAkF0L1pkBO2jS6HelSotR88nw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316a88666901-FRA
expires: Sun, 21 May 2023 12:15:31 GMT

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
www.firmasec.com/web/scripts/ 11 KB
5 KB 41ms
41ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/jquery-migrate-3.3.2.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-2bd8"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIWn0t7Nkpy1bj6I2W2RdrpqseiXq9fWlxAMXAwwHfNilAg0Za%2FTjb%2F089qW7%2BPWm%2BvUZ5gxCpzhHWZCCLD8CG1KBhE1sU1aQZ8EABty6VZzCO6Mp8W9xf0yx0ZyqpQDbDyDwwG49TPUWPm0owOx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b08d76901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 mmenu.min.js Show response
www.firmasec.com/web/scripts/ 68 KB
18 KB 49ms
49ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/mmenu.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3050220f89c0af76302e29a8770bc745f1976ce361d436befd3cb9e5d1e4a913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-111a0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrFRGBv5DwEdVWzrwkHw0iY6dKPqZSNT%2B1TSL%2FgI6y2JZLPKafkKHK9yKXfuqiEtlVi7miPBTG4zxzRSSJ0ISXSBnue6aFZn%2Fi96tWe7hZbWH%2BRz6UC8z3cyf%2Fvyyz7SUozxl3wi7muImi5Gt1i3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b08d86901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 chosen.min.js Show response
www.firmasec.com/web/scripts/ 27 KB
7 KB 38ms
38ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/chosen.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f357aa086fb2680b9a87e725d9ac476d9c52fd1cdc64819bb4c79ac32139c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28727
etag: W/"624a0df9-6afc"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PjqWBJil2XxhLwEyzJ8LgTidWEfY5Ja3hZOhhHwusSfowhMdJf1xT3EQ5oXuNAet%2FvmtdS0VB%2BPnGy6DsL38tDi3Xf0WuCKEvIxjRq6C49IV23xgp7JFXOcnZBQtbI7uoAr27HxYlH4vmuUrk6z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b08d96901-FRA
expires: Sun, 21 May 2023 14:52:53 GMT

GET
H2 200 rangeslider.min.js Show response
www.firmasec.com/web/scripts/ 8 KB
3 KB 39ms
39ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/rangeslider.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b85a02b04b5b57387fca1e766d3478accf8b14142f11cd2665fdd80c890f773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-1fe8"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqrB%2BC160W6OQCiVpcimHi95Nq5i7xLjS6qKHN2bb1IHdaXGDF5OVL4iQAOzkMw0Me0vOmLJUiDILTVBFUkaTT7QKmtIED7nqXO7%2ByUVZNYfJiiMCblehH7BSs6yIRP3GmVDoOUybvbx3DX1GwcU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b08da6901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 magnific-popup.min.js Show response
www.firmasec.com/web/scripts/ 21 KB
8 KB 43ms
42ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/magnific-popup.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3aa67b3decc478877d0c95a55dd2a4520004d1c52a2cb3234257f939220eb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-5290"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e45n%2Byg3V3S6o6pgNwy4gf8YZJpDLFUckX%2BHbtYmhy44eOJm0NNjtDuk23xFCkXqx4Lz0esnE1bGqKDRB0LWPgGGHqHg8uFwORL8DW0KWMbgcxc9hnPqqrn5ES0bOXpnVCH6Y308H12NsHiBu72F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b48ff6901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 tooltips.min.js Show response
www.firmasec.com/web/scripts/ 5 KB
2 KB 42ms
41ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/tooltips.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f0064fbfc6ae12830f80f5f0ad799b88bda2104f21c772ca46165612793483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-1481"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y05PaqbRfPXMokSNw5A1PTfqJUBJnlgTaWpYJCvKjDf9EiEbM17okpNa654I%2B%2BRpEMFCWBt8xmc9KZVozW%2F6rc8sB1esh2YPBBPHot%2BJGv7H5xPJ7Cwix4HHCAJLY7i%2FROqIun3kY3a67mApQRIE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b49016901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 slick.min.js Show response
www.firmasec.com/web/scripts/ 41 KB
11 KB 43ms
43ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/slick.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-a3e1"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwj3Zan6DuPrqAkY4f4JkxLLSagVlB0on%2FQkKu2BM5g5qdIUG5Rq7owX4TQJ9WZq0E5F075n70dcivuQOc0jXa7AZw84brmiyD%2FlWe8MmCnUO3XDdaQL5g8HW%2FC1XOtDa8shWH7nUf49tOoLdOSZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b49026901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 custom.js Show response
www.firmasec.com/web/scripts/ 36 KB
9 KB 29ms
29ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/custom.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8481ef93e49a2231b9f58f9c30edce8e4371e568b26c1f1c4948512bb8f6dc4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 02:37:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 15518
etag: W/"624bab4c-8f1d"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZD3THiBsOJotIxH18YkZB6rHJVzYAff7Y7pdUCLz6L7ieGngjdIKTcibPjPrf4Vkl2EVNBAvyMxR%2FSz7KR%2BQX4BA584r11OLK3s9J%2FlEoWKwYutm7wiGBJfTMLPAhuVo91IAkdkDYKlI2YbqAD5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b49036901-FRA
expires: Sun, 21 May 2023 18:33:02 GMT

GET
H2 200 leaflet.min.js Show response
www.firmasec.com/web/scripts/ 139 KB
42 KB 57ms
55ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/leaflet.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40c27fc5759fbd9e3679e697c481ded760fd6299b7449ac8a41820ad7af5563

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-22a09"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNAtW3OpemwBoZVAW2ZUC8hvfNLPcvoxfMgAH5cTcUoILGyxNCmCEbEClI0nXvSY%2B4yKbvvDVJi0eGHCGYiAIj2qvNvEydAi37PFHldzoOK6JsgBBxU%2Bd9TyctVzEUFT3ZDr1pO9XD5tcOMXDU6X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316a88686901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 leaflet-markercluster.min.js Show response
www.firmasec.com/web/scripts/ 33 KB
9 KB 57ms
55ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/leaflet-markercluster.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58be871df61f6c512464e15db0941e63b9491bf1396a2ae3bea6f39e0854cd1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-83bc"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dY58qEkDyeIZj%2FnBIjgxfQXunQbroj8trktdgg1lacCaIVtGX08umZOJVBbNTm%2Bg1FH1Q1SNteofqrqpRYy%2BqAaH5KEE0rVkaVo3pOX%2FotCrLwHKjQOgW%2Fw69z4Ea0tBoQlmgGWL%2FkeCWsbhXdKJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316a886b6901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 leaflet-gesture-handling.min.js Show response
www.firmasec.com/web/scripts/ 18 KB
7 KB 57ms
56ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/leaflet-gesture-handling.min.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8c8f6c16d2cae4c13eb8907a4a7fb396ecd70104269deb719ca90b3c74126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624a0df9-47b2"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FugiwCDag7pFFC1%2FUF128LMEkDS66SAwszGCFg9ZAtRzjoppe0mQtNLe73qfZQLXcnms%2BjuaqmhDA0LWp0FhF9sVMY2U5bs1Wmsjb2GJSChu29klV8ml9j3br%2FGDlX5mt%2Bz4xoGqHzBNT%2FkXTbE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316a886c6901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 leaflet-listeo.js Show response
www.firmasec.com/web/scripts/ 9 KB
3 KB 45ms
45ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/leaflet-listeo.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa10afda665b9623c6261763eca7e2de6b4e4c7998aad1f23864f4d0b1b3e55a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Apr 2022 02:37:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"624bab4c-248f"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZtTJwqVPV%2BJkbYXcBlmV%2F17z7txsvk0a46%2FPaEE%2FcS85%2FHtHqupSu6IiSjkPiMY8OxECkQLyx21HFBVnRlY2wyqJlBOZh5Wof6QKhFDAYECDa2Icdv1tgmxMUatGWoIwNUY6DeegNXTH1kEaQnf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316af8d06901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 63 KB
19 KB 81ms
32ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b741437f08ff5a83072016e615fb8eb59bf5c2d03defb4027ec151de9d4ae0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32683
x-jsd-version: 11.7.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA, cache-bma1677-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"fb54-2L7bOYXVT4xM2BDJlwfWdfStbCc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akT1yAw7fOFFPmt3VyFIof%2FqJlt3%2FhxnuehNEbNsoHKuvEP%2FAMt%2FkEezy%2FxuHqb1SNTNx1JSk7QPI1b3%2BMo4f%2BRs0bPi20%2F294nFWjYr8db8BtID7O1kNC4rBsVl6CCrGphNovVEnTiXE3de82s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7bb9316add8a37dd-FRA

GET
H2 200 typed.js Show response
www.firmasec.com/web/scripts/ 11 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/web/scripts/typed.js
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a868cad4a0420be9dc3c4736e51184ea77dc1bf49c00b48f8433c74aa06ce25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Apr 2022 21:13:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 15306
etag: W/"624a0df9-2db4"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGv8jj%2BJoVH0mE5tlE7DS9vMlPGSj7k%2FIlftslk7o6jHIxByFvr0DMpiRDpLBRSz4B%2Fspxvw0SP%2BN%2BGLZrg0j2HRH0XIbsWZdDHzG2ayUkSFStnrpc%2BMcK0Lds0xEBF5JU2BKLpXemOWOCfgdzCK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7bb9316b590a6901-FRA
expires: Sun, 21 May 2023 18:36:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 85ms
35ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600;700&family=Raleway:wght@300;400;500;600;700&display=swap

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

166b155c699564be0bfe506e67867b42197c04ac2f0509a1e188ad5e7f10cefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 22:51:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 22:51:40 GMT

GET
H2 200 app.css
www.firmasec.com/assets/css/ 546 KB
102 KB 44ms
43ms Stylesheet
text/css 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12477a515633c93d78d3c190f09981a0567eb49823593ce483cc0876f4c3d8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Apr 2022 14:04:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625040dc-88716"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuGiCYQAERR4n2ziR0FcjR%2BrsnpUPmDRzFx%2BDYo1q8MHxU8aBvIKzV1rsxvghTwU%2BOcCcME2cDlybfOaGgluB6oJBShBgyMu08spj1tVwi4Eeax5cBq1xoLOdE1HvllW0VwyvxN1yIlSQDOCPgy2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7bb9316b08d66901-FRA
expires: Sun, 21 May 2023 22:51:40 GMT

GET
H2 200 f6mr2uf0lz Show response
www.clarity.ms/tag/ 615 B
974 B 211ms
115ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/f6mr2uf0lz
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f2cec0fa7a7c336eaf509627a7a1401af6339be205824bf2276d29e870167acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 21 Apr 2023 22:51:39 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0fBNDZAAAAABRptasZbmgR5y24AP3T9TORlJBMzFFREdFMDQxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 simple-line-icons.ttf
www.firmasec.com/fonts/ 45 KB
46 KB 48ms
48ms Font
application/octet-stream 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/fonts/simple-line-icons.ttf?thkwh4
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a8ff22541abb659b5c965d334fdcbd92653979d3eec8bb581b104aa3812da9b

Request headers

Referer: https://www.firmasec.com/
Origin: https://www.firmasec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 02:37:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 15518
etag: "624bab4c-b5c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgBqFkTL6hLY07HPkDm0YsKdB3W5Rxj%2BE3TfIpn2nkU44DbJY%2FYM0TKFQ6CYWy3y1mBC01w9PbrJqNZZpWcQ4NH3Py%2B4CSEf942X3f8RP9YMpfbjE2RHdODe0mg3qpVfvSozunoYK1Jm01OFO11X"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7bb9316a98706901-FRA
content-length: 46532

GET
H2 200 fontawesome-webfont.woff2
www.firmasec.com/fonts/ 65 KB
65 KB 28ms
28ms Font
application/octet-stream 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://www.firmasec.com/
Origin: https://www.firmasec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 02:37:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35339
etag: "624bab4c-10440"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNW68Z9NtbgapO79ZoG5IGHH0rG9YWnF3nSlzqptkZljqPu0GyHdVoQFNhE10E7pE9SCN1Gmr2MqIYAjQuX1UQQYatUIMWlYWq50AAtRCT3rn47Y2YTek9uVN7jinxrJi6s7MVQByNFBmA56BNB2"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7bb9316a98726901-FRA
content-length: 66624

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 95ms
21ms Script
text/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 21:39:20 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4340
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 21 Apr 2023 23:39:20 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600;700&family=Raleway:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.firmasec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:49:56 GMT
x-content-type-options: nosniff
age: 151304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 04:49:56 GMT

GET
H2 200 simple-line-icons.ttf
www.firmasec.com/fonts/ 45 KB
46 KB 32ms
32ms Font
application/octet-stream 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/fonts/simple-line-icons.ttf?b086c71b8b7d9097697af91899695ebe
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a8ff22541abb659b5c965d334fdcbd92653979d3eec8bb581b104aa3812da9b

Request headers

Referer: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418
Origin: https://www.firmasec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 02:37:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38168
etag: "624bab4c-b5c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tF48ERrC0DpLQhu38OD2MwSPJjOvmzw7Dv7AkbrCytJoIUNrtMGnF2OEoA4JJ2NHd3WXOnfMI1N9W987SY%2B5HWy%2F9uYqL2TDiJGfrImTZ0y6FmaD8mDL%2B7tJllQgYgaAZEjB7e17D4oo%2BhYnID7H"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7bb9316b79246901-FRA
content-length: 46532

GET
H2 200 fontawesome-webfont.woff2
www.firmasec.com/fonts/ 65 KB
66 KB 27ms
27ms Font
application/octet-stream 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/fonts/fontawesome-webfont.woff2?db812d8a70a4e88e888744c1c9a27e89
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418
Origin: https://www.firmasec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 02:37:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38168
etag: "624bab4c-10440"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCTKjdAVZi8awq1%2BkmREYzzr6Oa%2Br3SCB5jzRNpRO2baoG2BIqbut9YCXjT%2BKtqKy34bWjfpTHfRboAC%2BbS%2Bavdvv2FoGynHK%2BCdoUf%2FZwvLEcYFcU42CWyFM1qI7VuPBY8jQ%2BnJ4HEPDJZSrPjl"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7bb9316b79256901-FRA
content-length: 66624

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3842feb5a52b01665a847ace36ff915e32116d1ba92d7315ef1b74b85cb78445

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 fontello.woff
www.firmasec.com/fonts/ 9 KB
7 KB 27ms
26ms Font
application/font-woff 2606:4700:3032::ac43:ab76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmasec.com/fonts/fontello.woff?9fa4825f8b1b2fc3ce730672443ecf10
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcd3b9a35d67c210cc6561100512853efc40fc9096bd5d1af6d05aa1725b3e8a

Request headers

Referer: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418
Origin: https://www.firmasec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Apr 2022 02:37:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 15518
etag: W/"624bab4c-257c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpWvpttXry4LLmhOFTlhCntnM7pbWI6B5GGQ9eLBPOZI5w1IhkisvTHzYNZHLFSAPkSeAktBJ8Me97WoOxerNXM17OG6H4EfZeNFg9TBHmpDKGKsIiu0GrgMjk1QIyn2NUEmRNRZHX66P35HdmM7"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 7bb9316b993a6901-FRA

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v28/ 30 KB
30 KB 66ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600;700&family=Raleway:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.firmasec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:24 GMT
x-content-type-options: nosniff
age: 74776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30448
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 20:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:24 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 354 KB
119 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074025

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7403327254807716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93df30b72a8d92b428059ceadc0e900bbc84cfbd003ab3d529f85591f0e02bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121766
x-xss-protection: 0
server: cafe
etag: 10689993325888990541
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame DBB5 10 KB
5 KB 73ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7403327254807716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 16:07:18 GMT
etag: 2378337311435320485
expires: Fri, 05 May 2023 16:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.6/ 56 KB
19 KB 33ms
33ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/f6mr2uf0lz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:39 GMT
content-encoding: br
last-modified: Fri, 21 Apr 2023 01:54:00 GMT
x-azure-ref-originshield: 0V/ZCZAAAAAAqr3XgN3QjSYehW6REZZSCRlJBMjMxMDUwNDE3MDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB420B4734B1A6"
x-azure-ref: 0fBNDZAAAAAD8TUf+M6CHQKeKiE5AyQQERlJBMzFFREdFMDQxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8b7a7433-701e-005c-7c68-747b83000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=816033033&utmhn=www.firmasec.com&utme=8(Ana%20Sayfa)9(Ana%20Sayfa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmu...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54841386-1&cid=1844569112.1682117501&jid=1568391337&_v=5.7.2&z=816033033
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1844569112.1682117501&jid=1568391337&_v=5.7.2&z=816033033
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1844569112.1682117501&jid=1568391337&_v=5.7.2&z=816033033&slf_rd=1&random=3784517825

42 B
408 B

95ms
32ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1844569112.1682117501&jid=1568391337&_v=5.7.2&z=816033033&slf_rd=1&random=3784517825

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1844569112.1682117501&jid=1568391337&_v=5.7.2&z=816033033&slf_rd=1&random=3784517825
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 108ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.firmasec.com&callback=_gfp_s_&client=ca-pub-7403327254807716

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074025

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777b7b28cc7faa46024ed30940f2438486bcfcb7b7f94b901adc3b5f949f9aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 81ms
28ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.firmasec.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 82ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.firmasec.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A55B 258 KB
67 KB 635ms
635ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&adk=1812271804&adf=3025194257&lmt=1682117501&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.firmasec.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117500812&bpp=8&bdt=277&idt=238&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6687256338316&frm=20&pv=2&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8997d43c32d67c4d9ff9747d82a7d6045c475bc10b13f6264f2f2b2b8ef517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 68529
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:41 GMT
expires: Fri, 21 Apr 2023 22:51:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5DB5 127 KB
39 KB 953ms
953ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117500820&bpp=1&bdt=285&idt=278&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YDKZjbBgsm&p=https%3A//www.firmasec.com&dtd=281

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f38c5e031df4153eb6caa7daf119a61df08184f621138ab1d9d88675ca01a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
expires: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
296 B 396ms
108ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.firmasec.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.firmasec.com
Date: Fri, 21 Apr 2023 22:51:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
296 B 542ms
327ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.firmasec.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.firmasec.com
Date: Fri, 21 Apr 2023 22:51:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 149 KB
51 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/reactive_library_fy2021.js?bust=31074025

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec44c3c2b9f7f029ad962bffd11f118609bcbc16e85240f8bce3e81738c6d09f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51701
x-xss-protection: 0
server: cafe
etag: 1321737562075230198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 32ms
30ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.firmasec.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.firmasec.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4D7 21 KB
9 KB 270ms
269ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54824ac70cf394cef2a5edd87ac9e7b363038b5747579ea2f588b8d5150a9d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8999
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
expires: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6302 21 KB
9 KB 255ms
254ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0680028ca61bf87f60fd193d0b0d1f6a86a72928bc2c7ed0dc227588d6142a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
expires: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F192 21 KB
9 KB 296ms
295ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f532ea31673ff8cc59da4c2fd78d34c3eded321e23acecce0f84dd90f3ef0d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8956
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
expires: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D97 131 KB
41 KB 467ms
467ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9117c2fdee81987c8eada9706051b159165b4797032896a8e2e3192cdf6b347a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41828
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
expires: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.firmasec.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.firmasec.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 337C 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:48 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 703E 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:48 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 337C 5 KB
755 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 22:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 21:41:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 22:51:41 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 337C 205 B
649 B 77ms
19ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:11:13 GMT
x-content-type-options: nosniff
age: 2429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 Apr 2024 22:11:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 337C 604 B
694 B 77ms
20ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:40:11 GMT
x-content-type-options: nosniff
age: 4291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 Apr 2024 21:40:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 337C 19 KB
8 KB 107ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:01:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 703E 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CG1NifRNDZLaPCPTZywWOy5aIBoybnO1ssfyfmYYQ3-SivcABEAEgjs3CDWCVgoCArAegAcGeoMgByAEDqQIvoWB_yAx6PqgDAcgDyQSqBM4BT9DIArfCDCVT9-JhdVnUC7ZbaYnYWMqk9hb8h4SUHiYkTMWLIDi9c68vVMFDTm0n7204-PeUySznAsrs0oWEz0e4xpn2WX8Ix2fFDs9ofUa_H9X5nRyB6kakOEs7eFziT6Fqs85AssNt5CAyFPZMZtnJa9t2RXWrhuzxJk2eVUITFwxUdYsgaaqjn_0ng00FsjGr8E4PF0rBzN2ndQzMeOO9YDtMClMWQ_k9LaexHk4smExLkcC9m6O3DPFgi20VDaIUhRQ14bXrlef_GKfABJzngIzuA5IFBAgEGAGSBQQIBRgEoAYDgAen4d-3AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPLwDdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTc0MDMzMjcyNTQ4MDc3MTYYAA&sigh=jFPZBgQe5c4&uach_m=[UACH]&cid=CAQSGwBygQiDARIv76-5CRwAWNl0D0zW7WvZKuCSJxgB

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 22:51:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:51:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 703E 21 KB
8 KB 127ms
81ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:40:14 GMT

GET
H2 200 10427213592847570528
tpc.googlesyndication.com/simgad/ Frame 703E 108 KB
109 KB 72ms
27ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10427213592847570528

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa65baabe5bc998b48458005e539351eb065b8d69b4dbdb40903fc72338c4a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 09:02:37 GMT
x-content-type-options: nosniff
age: 308945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111033
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 07:40:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Apr 2024 09:02:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 703E 3 KB
1 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 703E 19 KB
8 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 703E 159 KB
49 KB 90ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 703E 32 KB
13 KB 126ms
82ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:59:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13160
x-xss-protection: 0
server: cafe
etag: 2897017380701680925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:59:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D2E1 9 KB
921 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 21:53:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D2E1 2 KB
818 B 90ms
83ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:40:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame D2E1 21 KB
8 KB 84ms
77ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:40:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D2E1 3 KB
1 KB 89ms
82ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D2E1 19 KB
8 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2E1 159 KB
49 KB 85ms
67ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame D2E1 32 KB
14 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5DB5 9 KB
921 B 32ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117500820&bpp=1&bdt=285&idt=278&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YDKZjbBgsm&p=https%3A//www.firmasec.com&dtd=281

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 21:43:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5DB5 2 KB
799 B 26ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:40:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 5DB5 21 KB
8 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:40:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5DB5 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5DB5 19 KB
8 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DB5 159 KB
49 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 5DB5 32 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5DB5 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CR1cmfRNDZJDzB4SDrASLxorIA6KRhfZum9rUyIYRq-fX88YBEAEgjs3CDWCVgoCArAegAdWi1ckDyAEJqQIJw_IcYGyyPqgDAcgDywSqBNkBT9A4_0rqYB1ltNkBP_217kPyM0ZJjEkdafQThIBdbb_DMrVWBbrnfKnWGzG4BDZQFJwu8PfxeVZVeCdUykmtNy-O18x-MZWnfz9veKmcAynXXi57NlnAOmmONp3yOog0nDX3rUoZ7oolTqlAS_l_nJl6aPtw7IbLJvbj35y1-OV0LueLW0OgwYCQRolkQIV29NLhG1bINVIwFR3kaStrsz422e4cpm_1eHMPz9LF6aR2Jbj-EbtCK1rMPsCX9XO6iFrlcLKMma3awNH4AlNy77v2zc_2bDsb7sAEypr-jZwEkgUECAQYAZIFBAgFGASgBi6AB5PdqjaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDcjhfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgTiATYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNzQwMzMyNzI1NDgwNzcxNhgA&sigh=R2kPTvDnbnE&uach_m=[UACH]&cid=CAQSGwBygQiDzv8EB2Qo9FMHt5gjCoPrz4dzF35NiBgB&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117500820&bpp=1&bdt=285&idt=278&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YDKZjbBgsm&p=https%3A//www.firmasec.com&dtd=281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 400 data=sVevmIp4RIjqC83MEBAAc77acmCKlHxonm8z3cKyqFurwC1Ip4ghC7IHpqxetoTQXAREM3fC_DVDx0CPNpMiSw
mts0.google.com/vt/ Frame 5DB5 0
0 124ms
29ms Image
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=sVevmIp4RIjqC83MEBAAc77acmCKlHxonm8z3cKyqFurwC1Ip4ghC7IHpqxetoTQXAREM3fC_DVDx0CPNpMiSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117500820&bpp=1&bdt=285&idt=278&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YDKZjbBgsm&p=https%3A//www.firmasec.com&dtd=281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5DB5 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5DB5 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5DB5 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5DB5 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E317 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 21:56:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06C0 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 21:56:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 703E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3de34d9b7e7ebbc4deb17d27e234b8efa3a5deb2c2d756ce50531b9bdd2577c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 347C 624 B
242 B 63ms
62ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjPyrHlATAB&v=APEucNWHXaBBk0zWTrDrjTZdKyE91RG93GkWXyEcVdyl1kDEdfLqYJt5toCNCVsehZglVD8-OMBt-rWT94WmrnKWAMXg3ijTXQSaJjnSYKTKIDMj__PBsepPoHiZPaiyBEGOAmIkrxrq4iIodYqNMl0RN4JLhMSIRZlZaMyCP-YWbM8xpiwanIo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 94C5 78 KB
27 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 94C5 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 94C5 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 94C5 0
0 38ms
36ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZtF_JwAZZMfICqXKAggXQ_3E_KXuChP9DA55QJ13P9feuVbNxzNiqf0cqYbHBxWMxdBRiJU2mhxGp55y3NlI6qCO5ZQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94C5 159 KB
49 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C5 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6xRxRZ5Kc5KBGHeftfivG_7hqh6Si8P9fgjPUh_8MeAUgp5GdqEtuabtpnataUL4ARklZQdxpoAFA4coc1_LWb9gbwYTv5IOrVrPvfv3Yl9jhDu8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C5 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10432375854675466976&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5DB5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39159b6c6baeb37d98d9e347e0abd8ce6c04d34b1ac588d1351e747d55a7e7f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 595E 624 B
242 B 78ms
77ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWrBIwM_3DulhrpiQ-okpr7M-mWOA5Oyf70EjekbOGd8d-0IovkePkHCFbBPXxQaAQJrfh-JzXFOKGKuuHlnUP8cOdo0JyaMmyHf-GPaolqOsKo3u_xUqMteyqQG3AihPdNINquRZcdkTeeCS-iBXoG6zhUkLd-xaUkdOYk_qftMjmfrGI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF29 78 KB
27 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame BF29 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame BF29 19 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BF29 0
0 31ms
30ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIyKSCKbgovYs0Blck85TxQ7VVrjgt2gJFLVp8-FPsvG5JutieG7gKlu2VH4M2yGZPC5uslGhkGtoTnPY-Xf2sqn01nA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF29 159 KB
49 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF29 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bpja68uKoOnErjPks69lyPqDejqVqZqZuVp24OaHNx2gNUIBQWZ14tU1la486dLuvSrNZW8vT_6lwSGFsPRe0I7ie7FzvUPJUOkYdaTLUVVw8wWgM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF29 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5842280230269589696&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 347C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1&C=1

43 B
632 B

41ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjPyrHlATAB&v=APEucNWHXaBBk0zWTrDrjTZdKyE91RG93GkWXyEcVdyl1kDEdfLqYJt5toCNCVsehZglVD8-OMBt-rWT94WmrnKWAMXg3ijTXQSaJjnSYKTKIDMj__PBsepPoHiZPaiyBEGOAmIkrxrq4iIodYqNMl0RN4JLhMSIRZlZaMyCP-YWbM8xpiwanIo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 347C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMTfvgRyc4OB6sMNovXaQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

43 B
632 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjPyrHlATAB&v=APEucNWHXaBBk0zWTrDrjTZdKyE91RG93GkWXyEcVdyl1kDEdfLqYJt5toCNCVsehZglVD8-OMBt-rWT94WmrnKWAMXg3ijTXQSaJjnSYKTKIDMj__PBsepPoHiZPaiyBEGOAmIkrxrq4iIodYqNMl0RN4JLhMSIRZlZaMyCP-YWbM8xpiwanIo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 347C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHqktao7O_Siy3QCilsBXW8%26google_cver%3D1

43 B
1 KB

31ms
31ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHqktao7O_Siy3QCilsBXW8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjPyrHlATAB&v=APEucNWHXaBBk0zWTrDrjTZdKyE91RG93GkWXyEcVdyl1kDEdfLqYJt5toCNCVsehZglVD8-OMBt-rWT94WmrnKWAMXg3ijTXQSaJjnSYKTKIDMj__PBsepPoHiZPaiyBEGOAmIkrxrq4iIodYqNMl0RN4JLhMSIRZlZaMyCP-YWbM8xpiwanIo

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
AN-X-Request-Uuid: 7c2a3a52-f19f-485b-965a-24215776040e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
AN-X-Request-Uuid: 469f644e-9d5b-473d-afb5-8af055886690
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHqktao7O_Siy3QCilsBXW8%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 347C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

170 B
188 B

57ms
57ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 22:51:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dfa3d9fb-c006-4426-ab64-10dc8979975b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2302 624 B
242 B 64ms
61ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWDdzv2lbMc_dDrsEcqUwpzObKScMcEcb8esT3wMWQ9uU80tq9ODQo74BOifz5ioLBeMzNbtNWzfpCUe2Q3zS18c_AhCW1s0g89UCLtAJL6LCryM9lWy0yHuzcQZ8hFOxbfrGwKgMG-f9uUhdonihMI8byUF7BZyXFf-CrBZi919gm-8iE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CF5E 78 KB
27 KB 201ms
201ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame CF5E 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame CF5E 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CF5E 0
0 32ms
30ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUkzwNhiu4Ufj05to70N6r5hLW3bLsRfCJ4m2hr413uc4yYCskxxYE7eieP_xz-aroK8niw2oQBamdcE9myndUMMcOtQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF5E 159 KB
49 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF5E 42 B
63 B 56ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVGjIXDDlqgLxyMyLBdSIzgHca0pQ7V4WPpK4B00cdTY67lnCG_e-LjjTDzdjrjYVXVCSmtQcokF2Daull80-lL6m1hSrCsII7XNfExeUotiAvxyI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF5E 0
20 B 58ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13115527702192359156&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 5DB5 29 KB
29 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:56:08 GMT
x-content-type-options: nosniff
age: 348934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Apr 2024 21:56:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E317
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
38ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
expires: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6035 36 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3D97 9 KB
921 B 36ms
32ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 21:55:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3D97 2 KB
765 B 33ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:40:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 3D97 21 KB
8 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:40:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3D97 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3D97 19 KB
8 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3D97 0
0 32ms
31ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQK2n3OfLeF1cm734YXSmo_W8KLWZsWhk7VqdJo7VttK4M4rnYlEB95Jeg9BCb9pggS6YJV8OAWtl8r9tdsqYwvmKIfgA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D97 159 KB
49 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 3D97 32 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06C0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
40ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
expires: Fri, 21 Apr 2023 22:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C5 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8659636207119&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C5 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8659636207119&version=m202301230201&ct=76&x=1&cor=10432375854675466000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 94C5 83 KB
35 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CK3DciSWZa2imzNA5HR58r3XyDHywJlwo11U24ryzhyHCOxwWacUt_4l5TfAyoQwV9W4SWWw1T2VKrUI3sOA1Nffgaa0EfHJ373hkH4JeHXihV_tT6zeMBbY6FbqAvZwjXDlz6bb6vrHHdj3WltvKW4FdXLig5z0EDx8WaEXMlxaAcr0Y&dbm_d=AKAmf-CRE2Cev12I4Ub52dGc0za4KNojUb248aJlfWYDCWo2Cb5R5akWNz1xqMItB9eN5wCet5QMxnKWQI6Z_c1JUyUdrIc0ST4tN84aRxaWLk8_K9bGqVSg6yHwg3YRMuoH8KhFRT0d9_c0dS9wUaVugsjMZ8PGy4AXZWF1yntBKo85eVihon63vlJJrEpyI1Fr5kBv3Q0bRjHj9_oLiTJL_zkvlK-SBW5Jvb-e10YKek7KsJjCMaO6JUE1qpK3HVNtPOYKop0ZBfqP0aN7fjzUe2WMuhgPiK6ItDjs699EB8gUbYhbM2EU_u8YUD9aVmLHnWDnvhJkY8UhJH2oRuWrPh_25Ag1bogeR1DGHNJYztu_K5n0Rpw9Zd3aJh--5pDtJTzlzH4LBSCRt7AiXyHr5WShARP6ZB0RNqh73WMYOwL_2ID9J-daHE_35Vtme8IMlo6XR8t_Zxv2MhbIGzr8Ouvbo-3fcBnYujXP2hxCwfBZOsGtW76R0n3w2fA58WHrVF8EIGCJvi9pneUs6Jghb1GlZ185nR6_hkOJchNCH91eaElGRs9KG2mbp9Icll1_NTXi_LzVs_-3j0ySJXmelFU8bvVIAIvL9KB9_is3eIPeDUWNyco0pZyatRWK_Q2hBpjoe-HIPmjebuchRVePc2eg3_JbY9dG_5nkKq6zYxTnwV8ssxE3-EbTsbJzk-SfqWlNpywuVy_U7e7h_AFsLEtRoJSmACyDZVawy5K_EM5hrLoDuCjDKGaASg0BitGaVrlWO3TO3afyw_RbNITjeRquYbLi7cl2781K8Zs6dv0jxyuQdw0jijtwmtC_K7FNGEP3XfayBh70GCWCw3i83z_fEzro19dtv-QL-tUjBv7SwgQkzgdIlvfheza41iGD90-dMMpLYwyEBL-foupSkDCVr6W6tyjpbmn-Si85jgYgWqE60sKZ2I7-6GzrJPfPEfhQcoIIvfZqRk_hnNfP_dJdApo98vYN1BqTT11chFEiCiQXvpji_C5vmw1oXWRroG2p5MOJVLK4LtSPUlgdUX4QotfK3fbllhe833xIF8Niyxdgvxxi-RRurLYuc6-PkUTWMStBNa7p345KJapnNPzNMY4ZRDo2CqyYNvRFS7YkyaaD2S1QFjWcDbtdSkeNP_c9nWuckJiuaa8cYv5QaOeYQtXCSGZDfaq0B3h-22s_-g0KcShsAqHETQvRLNWRxFLISxgi8HndfLu2Ct5ruV-ENBiW4oeJt0aWxtYpLmqNNtcLUosbJ5j0xxZ-Rlvjt5FvsdgkHObYZG9DFXfGD3YQF-Hi_6Tw6bWKWFoq5lJlK4Q9oLBbEsHAPuUgu72-uhdBzaxpRQR28KGID-7vM_5g32zlMJYC1G2Tnf3qVzUrt5BBnkL5f5cqkD9Jyj6eRAmJ1RikYmJdS6_mixZ-qHEbyFhz4zc7jVkFHlZbzvErm5qxlx38u0iMnMfYXIwhiQfXW_FqBzMBv8h1bJoUbPYAuXnTwuHnIZlPtSWk2cyYWd3rVXYZb1yuUst0bjPUP7MfAYsHIRRnzr2CuBHbobCZY7kS4hJR4hUDlwHEU5g_Lp86iUMwyAzg2aRbJ6BuzhgOoQecvlwq4qJDD8gNTfiImth1vAy0Y0mwC_6cRzdPWTJz34zBp_zeDADLoLgxSomtbM7bp62AWlaT-6a4TDsS7wUWrfanrmpwJOqrItdTLAPxP1p3DHeVMgsbb6mSOC26npozhFktsvOEywZMOLjwIC9JRRyVjOvQpWNk24AQ_79CCn0Hguw0b0QneVIRSQm9SWEiunABp3p5VPlKtmvKucQ0islx-yWqGxde4dRaUdt5vBJjwb0I-r_fT-tBls9i1Bgz7Ykt2M8B9FOd-etZSssbr5ieHE4BWvKOaytouytxfJD1aDanJ6J8n974dx0BoXVVqwsTM74BAw3_aR7rh66CEGh6pVvpOSpR6lN8bLXiFwBvkK_4V-nxev7k02ZGq9igvztGNw1FfRElogqphqFDYWox1fPKrJ51teymc0_kCb16l0FAM1hLcTXLTTXrkAefon2Kgay_xSMbd2Jucdb6OoxpqihqgO3dUfRtqdkXen_ukz5yOQqYbTBpq-K4rb-QCuLBUsQ592mM7hOz03hTx4QRKtUEMfXadX-FSvtkQyr553xetv7xN3UZsX6D0LR6qMKn1waa201QE5skBjQmfYQvICq_C0VeCTu2WB9aeR7vtvk3jDvu8sKH1BSDAVNjzUUd2TFf_m-MQ0YmcYOeLFI_jvfckH7wxsvzIwsh-QXRY-xhrhzVWd2v-CFZ52pVljowfAfJH4jlxl-hJGhCAuP8a4rr1TMchE5x-GvjRkkTCD2zk1BCWGXiBDff8STptCWI2oRuZLJUX7nRlk5x0vqkepZp6WsqopkkTnnYMnMW9YbGOB-XhFQoeJ1RKM6ttXBjeA9ldyWY2iMuDXFZrz8WacbHmTNhppYcAw9U2MfmyvhVH_LSheWHIMnnnV2cn_1fKMqHN3xyLa-raqP9pCmmVUu4lEBVHDjgHCjRRbL9TarU1JoiV4RS_oZHF4FXYtlxeMCl-ebMu9me9Ua4J5nJhU_Y56GK7cZiJsUr0IwyVDXba5bT0LBQFtXGTwbjA1B2Q_KD2dByZ9LFb9dugTtpG-zCZSb5vjix57kiemLGirV14vZSS8aW50f9EblSBB70F4_J4TSM2q4QJWej-_xYkXudRY9onorD8pTFgnkbB25iEgFRotJpDfr1z4q9hgU3qCswY6wC3wcAcmaYbG7IqjPhS4JFTTN4hB8JWKQZNL4A5MAmHPVosB14wn-lbnvtmkvqj6f9sGQ5RSiJSjNMLoOu2YVAE9irALELUCnCYtpukSi2FqyzHySAfzPh42xuvYbmn6Hr3EbSz3Rkf-tMwdv7NaHJ_QuLgdg4aXfKFyxhsO_Xv7NVFT99yoQr9erkFqcvjdIB3NHnsr9GMHfmNC-zcsi-47YxelVt2daEP8lwxbxk_7Dj4YgHB8irp0Ls2ujdMNRSTq3PHM5hq5KupKFMEIZb5396P6m3g-Rir7Dq0Q9XV627zcbaWTqvm3jeV-tqXnpHlgajEYTdE-9NHNFYW0vLjt_Ja_YZsNl9luFKMZ8QJZUhrMPP6pXH_ta6mtfhQilIEvu1f-56PaecbBcCK1sdP6jZHRSrsysqMidY3O3dpvqB5m2C4CNZxNn1d9-In9ct5IIzlGKzMeunEI6aAvONUzzJmc1Ll9lbuMkCBZzaynNBbfm6D1P8ci-kUxqPB4XbPtJ2CzfQst-ge2Ugm6JHLsftsqZT_qdBSP85_H6jOTVSpX8f1xWc9TpTQ8QCuu4hTxoO9WW4rocPpcwEi_Px7GpkbP6HQdG13J9JsWld1Kqg6_7xt7DJ&cid=CAQSPABygQiDgEeBOYd7PcmxKcInOT2_Y0P8kxSlCRUVClnNSrYCvetgaMji-HqvrsYrKj723Re6pZn4OTAUXxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.firmasec.com%2F&ds=l&xdt=1&iif=1&cor=10432375854675466000&adk=1761367587&idt=100&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d98f937dedfab470f51a525b97e86401245ca348915363252f86c81974302b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35724
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3156 36 KB
14 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3D97 0
0 73ms
72ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCYiOfRNDZJbbNqb_3wOfm4iACOv3r5Vvi-2g448Rgue0tfkBEAEgjs3CDWCVgoCArAegAcfmqOADyAEJqQIJw_IcYGyyPqgDAcgDywSqBM4BT9C7Mii2NKPPi-4IhmKVay_ufF11aLM-3Xhvagp1mIc_lQPtdqcxNp91jWwiKjpOc5f9P6olGPis-crnfCL-w4KEfJrcfS5_WifmXTVnkOVAXw3VxwgcmxkjcOJb0GLiE4EyQizE0MjeSrVRVQ_0PUYZBRkJhGs0BJwzW5n5vuGDL5nRqmr0or8dITI0rBL_-Ap1S1nrhwvhJtki8G9gOT6gPREFS2hM6yHqVGytqfkJqqh2Tr-jUGkBY2Y1Uf43LWl2umHNbpNbRmsMghHABNiLuI-jBJIFBAgEGAGSBQQIBRgEoAYugAehmdcfqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpZAB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gE2BMK0BUBmBYBgBcBshccChoIABIUcHViLTc0MDMzMjcyNTQ4MDc3MTYYAA&sigh=hKVAfV94SLU&uach_m=[UACH]&cid=CAQSPABygQiDTymSZb7pp2MhvjdlDLa3b95a2j_G9MmrSGH5HdRSovO3nfI3ErjIGb4fLBZwEonl3Sr31jgp-hgB&template_id=520

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 data=oM8cXx5U6dHk_SNPsw053Z12WIzPtxhOBgYal75i3Q45OxbbO3CX-aazgxdzJwlx_XRa7wJI7xfmEqPO3mjS3A
mts0.google.com/vt/ Frame 3D97 10 KB
10 KB 57ms
51ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=oM8cXx5U6dHk_SNPsw053Z12WIzPtxhOBgYal75i3Q45OxbbO3CX-aazgxdzJwlx_XRa7wJI7xfmEqPO3mjS3A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8bac6de3b8d70999df11321cd138bc20896a8480908d13acb85402d1103f694f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10259
x-xss-protection: 0
x-server-version-bin: CggIBBD11YOiBg==
server: scaffolding on HTTPServer2
etag: 0c5a31499f750f2df
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Fri, 21 Apr 2023 23:51:42 GMT

GET
DATA 200
OK truncated
/ Frame 3D97 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3D97 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3D97 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3D97 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 595E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWrBIwM_3DulhrpiQ-okpr7M-mWOA5Oyf70EjekbOGd8d-0IovkePkHCFbBPXxQaAQJrfh-JzXFOKGKuuHlnUP8cOdo0JyaMmyHf-GPaolqOsKo3u_xUqMteyqQG3AihPdNINquRZcdkTeeCS-iBXoG6zhUkLd-xaUkdOYk_qftMjmfrGI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 595E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMTfvgRyc4OB6sMNovXaQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

43 B
632 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWrBIwM_3DulhrpiQ-okpr7M-mWOA5Oyf70EjekbOGd8d-0IovkePkHCFbBPXxQaAQJrfh-JzXFOKGKuuHlnUP8cOdo0JyaMmyHf-GPaolqOsKo3u_xUqMteyqQG3AihPdNINquRZcdkTeeCS-iBXoG6zhUkLd-xaUkdOYk_qftMjmfrGI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 595E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1

43 B
1 KB

68ms
51ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWrBIwM_3DulhrpiQ-okpr7M-mWOA5Oyf70EjekbOGd8d-0IovkePkHCFbBPXxQaAQJrfh-JzXFOKGKuuHlnUP8cOdo0JyaMmyHf-GPaolqOsKo3u_xUqMteyqQG3AihPdNINquRZcdkTeeCS-iBXoG6zhUkLd-xaUkdOYk_qftMjmfrGI

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
AN-X-Request-Uuid: 5be53362-f7fb-49af-b50b-06ee359e8bcd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 595E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 22:51:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 334b0378-32d9-4532-bc54-e696af90681c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2302
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

43 B
632 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWDdzv2lbMc_dDrsEcqUwpzObKScMcEcb8esT3wMWQ9uU80tq9ODQo74BOifz5ioLBeMzNbtNWzfpCUe2Q3zS18c_AhCW1s0g89UCLtAJL6LCryM9lWy0yHuzcQZ8hFOxbfrGwKgMG-f9uUhdonihMI8byUF7BZyXFf-CrBZi919gm-8iE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2302
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMTfvgRyc4OB6sMNovXaQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1

43 B
632 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWDdzv2lbMc_dDrsEcqUwpzObKScMcEcb8esT3wMWQ9uU80tq9ODQo74BOifz5ioLBeMzNbtNWzfpCUe2Q3zS18c_AhCW1s0g89UCLtAJL6LCryM9lWy0yHuzcQZ8hFOxbfrGwKgMG-f9uUhdonihMI8byUF7BZyXFf-CrBZi919gm-8iE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVgkr7rlkO_wMAxllJmoBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2302
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1

43 B
1 KB

46ms
29ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWDdzv2lbMc_dDrsEcqUwpzObKScMcEcb8esT3wMWQ9uU80tq9ODQo74BOifz5ioLBeMzNbtNWzfpCUe2Q3zS18c_AhCW1s0g89UCLtAJL6LCryM9lWy0yHuzcQZ8hFOxbfrGwKgMG-f9uUhdonihMI8byUF7BZyXFf-CrBZi919gm-8iE

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
AN-X-Request-Uuid: 75877558-d276-4e58-93c1-fd0c32f0152a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHqktao7O_Siy3QCilsBXW8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2302
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

170 B
188 B

66ms
66ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 22:51:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0cc9626d-9485-4d22-99e1-371e1b3b4ec3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTMyODY0MjY0OTM2MzI3OTIw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 627A 36 KB
14 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF29 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8291248623980&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF29 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8291248623980&version=m202301230201&ct=76&x=1&cor=5842280230269590000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF29 95 KB
37 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARDIKa5lsBy-tJFVfJVWtZO1ccQ6rGPr-UITmNdsGgmAI2lqAMVSRU15UxGd5E_9TU8TeTnXl3fwZTx2YH3Y0RhGZm6-ZE7TJZrZzmf8SBEUpviz-7ZeqyURUd2jQxSnW7EiVOvaYzNDl_m4EUHPPtveU3aj6tJtTcHIGQmTj-ROwOwuo&dbm_d=AKAmf-AiAYd7nkL39n3OReeaw2eVDYRFfhPtswQnAg9fSr9ev_2Mtzl4OObsqQt0TAxtkX6WIC5yD16nR6IjIeaL9X7DiW1oG8J7uBw-sZwJXdwS-n-rdPgp1Dhyh3s1H2KvFpOX6vFfbIRIAo_iG6suppAFVYVPhNSojbyWgixPpnhGm7lfCOVvIyGlZWcuTBMQ3LuErGjoQTuahqwQShCLo2l9oKfr16MPEGArcKaA2OWFZwj066ks_DVKb7eWANWXAdWk1hNJnYGPpk5gsnfnGWPGbCNHzSEztwVnovIPvBKEAGhJjzvJmau5Vh4iy_eaANc82pJZLaOr7vL1_nLBYzyvWqrpI75h4RSpNHswVCMIA_Ray-i8_p3dYrohmNF0x4lQE5WAvP3ixq_VPatiwbmSE-T3h7mSZUlBNRQduZZJLiDWqdAJLCNswH0_yM4pDVxL5aGW1O03D5TM_heImV0NYtm_hJUHQoWycLLjgEyWS8LQuHJLH6kNtVLHJ-7XRtWZEfJCDNTz7ZX9FISJTdqbRme6vnIYI_kiUKZPL8YCk5qA06caum7zANhFWbJQbpEMmx8syi4f5ULzKgQEhvIlLKphIMXoYp6FCVyT9keW16PsV1ldHh4tRFr-XQe-xzdv4AbJcBsAauE2FWHdf9n8tcomu9QihzX58Ax1uZM4oCNKhPYQJNzZjYDWUdJFw8bvpwqzJPUDC9x_yjKBvCn9a8k0ma11Y5BI40iWpElE3kcdanOQ4yF6-aFmrcSh3zCwWTq3BF7Z1jyfHf8GDSN20zbV1kvcEQHt9zv8U5Tguhhf8hv-L1nWos4an7XZMFODcnCKhMY_1JBFL5d7o3gKsjWSh9e3BGuJyYWHywbU88V54h53lb9xuh_tjpvMifoLaylO0GzmefAzsAhmTmO7MAOYiJ4cmEEMbsEn7lPG92WPXS0cyDCy7_qEqYjTFoi2zQnDwXxwBwXLaNPshhaX9YRMxkjvffwg8sYN3QXk9p4hXEvdSQZ0Y6U_UDzJCSQqA3R108hvYAjPfzUZPE1zosghfLuAhZABOY8u6b5w4MQkp7EqpJtao4yheCfHBC48jx4NpyInHOPD9mwQFLxZARrOGT_dIxBPDigf-wU51tIA_LkbwGgH2DlDS3YwyN5sfsq9p37XfGH3-r0M1GjdJAo8PSTf7PHOjgS5rz2UGfb49RuWKMCgltNqcLGsye-XW0xmICP5MzwC1V1zO7utTQ6gVRK2btWpg_rZTIuaNQ2zoSJ5e02YgsRFlZPHdh3pLa772D-Kep-ox4RvDv9y4doNHt45N-uV0rQrlt4sQTw0XrMvwXbO37TkessBYsbhoB10x2uEk-o_F_wYSQiGGOQWp0u36B-fN1rSEx1rbwjeFMSkpMhsZDuSMgUowTYELPuwCUGdxUX6xsLY-1dMvt_QABhQ9cHGH_-KbBVVJR1f-vuey43cr2W_Ev4M3iUXZFwkL77N5aRl1CEkNFulD1mu0FpPCZYIQwAe4SlfDlrt1EBxr9hvIy1e_yefrSaDdkl8GZ0_snnRFzb5ADZACAvHNZnMKT6vIQLUARtimRE9P7H0-F0lMODPLedzXAYUP3QZAT9eaarcM6qI4PmUWIsrZT4BSlEOKfNIBUP2QYUZbgbnRmRmeZfnHS3vNP4AmuweewQLIf9fNVny7cq1L81Oa2Odu_LXL5T0Pe09i2YmxiXHecjAVhH9Gzhv0qs9ULTIRf4zfGNpclQOKRn-0iUc29SF3o1VrlYOtu2QDKW5mKmd4uyFBqG30z69n_ITniGKSU9oH43gF6qAsb_QfysK7qDZuf8wvCTfizroZUeX-iTHN-Xv0RhrjC256Q9Dz1DjgCgBjOwnGBbalBFdWqeewAEiXuycJrim67had9HUUAgi73IhyIi2rMBU02ExX6Q2FVtEHNhLkp1D2NjmJqypopr2FgOZmiRuDeH43osVVpCWr15rwFmd3X6cY2_nKJgqNV_o999b7YYIK3h1yQL8ypBp8jdyRCxf_rE7MltefjDmhDuLNVZ-1ItdU3d9dyK-2nayRifqYo-c6bU5v0bFBsRpBRE9Eb8HZSD4_kKhoeCcysFzGiYHWX8I00MVNZJ5FuHzeX8XsiXG5M5iNqspV5FQU15vi3hRE754pJwwvoIxgstT_AETyc3rVKzp9yd9MAKOsIfK3148JrrHjWpQWtWO7zx36a3wHywOPu8zyqQbFn7UvJGmuxHH_bnkJABCeNN_6ehhl4oWU5eJ-cosRo13YPii4P6Q4QFrWt-do_UWZgt-0moJobD_Q_F1cSOi-6gN57Cv9-JxuUMHMHY0Qs36xOc68_dIljePoS1BH2BgxT2y55KPA2uwXwdZVEyiC-Tb902a0tvGFrZpkzgm_XalYkrlUr_FUk0uuh__kRmQ5vJQYD7dnhnOpdmm2GM8KbNI9fZPUCHscANdDcyfIq9ruE4h49VvzN8nidEzT3V1DqvL0AMsgO2n-el9OqmCpnEH42Ofe-M2JoU3T1m4Ro34T3YgJA8rhbW6ZIpfx9ytRXl-ZAmmZGyHgpdGQ_tnUHfi2Jpz8h02z3kucnp8Tg3AJTqJvrhk2WCY5WEoadhtkDH2NVrtPd4I2rBMGk7QF0jC2gikMGien7CfPWv88_kV1XvU7Mkwo0XkCqljiGvQG4sBqVUfGSUW71jbuApnZVVWH3CI_djz3WrGAyaf0T7vSu8BNRfLEft11SS2Ah4BoNE-QhvMBstUtj5JHPwyUsL2ptHmzMOJL1Ey3AviY4ijnfjepM6NYlwlM5aw5s7_pfdtDOnzs4Q0ULiItvY86S76iDhv0RZIvL4i_44NbMcs6tHkHOrUvIBB8_sT7vxNdwXJNerAZl8PGUuxc9Zgq53qzX90yTxofDO62wdk6j4n_v7KgW236ozBhgEgyaVxXv4WnUTlKIyZA9AeBdvBAAUI4enX4eItEeTCl16vZjvgL8hDo1jPnx-ld1n_ci7WP6hYjpUe2BrgBRcgUaAt3jqVVajdAtx5BOOrnesTpXQEfd_e3285UQtHPj4KNJm3HCQ8_r_k-VdZU9o7edniShDBCQynN73qSRbH1O_u3H_iPvBpiPPUGAcuGqlYw_DeTsUT3u4kRV2TA1cvs80n68bAErk2sDXcmlADGocngmsn2v_hSdZMH17AeGkYj1YfLvNwRpuTr8_h7c91SkyTfEUGfNXOZkieD-ni4SJLqhNQ695PwXpR2F_o4YyPTqVndRVwxpzmzrpzV53vhD0fHzS5TD3bQjlfQ7V_SjZdtW_mnJ5rEQhZ7SmkENaWoUnQ7DCkiWEzfupbnCPYJVXTOXjWjwdJvd29yHXFzg1z0JaW5ZVi7ZyZFP3DkZMZ-ynMjvyfT0zMdEmjx7MaTSMb6Zr-bXBGD5lcx_DM9Q5UvoE1szFhq7YVw_7UZ_-JcVcAI2J_djmKf3XGfYKTMl54Lx6cQTpLIwZFlWTakJDcMJ8Zukfy_SQJX3EyG5dE1miPPkah5fLR1XGvr2_J7q3vEvwdmWud9BZWr5GikXhliNaiMlKM5dWF86tsQbNdRSxySb9zculXTCVnmesNzmr8JOMxxafLAdB66hqEsH6ukw&cid=CAQSPABygQiDNM-MQNk0zG2xYuzF4yPe0YyxPwXZph4mr4EWgOPEWjaoJDHlvb1MagsEvhbYZFukVmi1s7BplRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.firmasec.com%2F&ds=l&xdt=1&iif=1&cor=5842280230269590000&adk=497053795&idt=161&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b8e6429dac5bcc2f8638abbe25cc7fde4e46452d301faf6b0303429c6edabd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 94C5 170 KB
59 KB 120ms
24ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 11:03:51 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 94C5 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CK3DciSWZa2imzNA5HR58r3XyDHywJlwo11U24ryzhyHCOxwWacUt_4l5TfAyoQwV9W4SWWw1T2VKrUI3sOA1Nffgaa0EfHJ373hkH4JeHXihV_tT6zeMBbY6FbqAvZwjXDlz6bb6vrHHdj3WltvKW4FdXLig5z0EDx8WaEXMlxaAcr0Y&dbm_d=AKAmf-CRE2Cev12I4Ub52dGc0za4KNojUb248aJlfWYDCWo2Cb5R5akWNz1xqMItB9eN5wCet5QMxnKWQI6Z_c1JUyUdrIc0ST4tN84aRxaWLk8_K9bGqVSg6yHwg3YRMuoH8KhFRT0d9_c0dS9wUaVugsjMZ8PGy4AXZWF1yntBKo85eVihon63vlJJrEpyI1Fr5kBv3Q0bRjHj9_oLiTJL_zkvlK-SBW5Jvb-e10YKek7KsJjCMaO6JUE1qpK3HVNtPOYKop0ZBfqP0aN7fjzUe2WMuhgPiK6ItDjs699EB8gUbYhbM2EU_u8YUD9aVmLHnWDnvhJkY8UhJH2oRuWrPh_25Ag1bogeR1DGHNJYztu_K5n0Rpw9Zd3aJh--5pDtJTzlzH4LBSCRt7AiXyHr5WShARP6ZB0RNqh73WMYOwL_2ID9J-daHE_35Vtme8IMlo6XR8t_Zxv2MhbIGzr8Ouvbo-3fcBnYujXP2hxCwfBZOsGtW76R0n3w2fA58WHrVF8EIGCJvi9pneUs6Jghb1GlZ185nR6_hkOJchNCH91eaElGRs9KG2mbp9Icll1_NTXi_LzVs_-3j0ySJXmelFU8bvVIAIvL9KB9_is3eIPeDUWNyco0pZyatRWK_Q2hBpjoe-HIPmjebuchRVePc2eg3_JbY9dG_5nkKq6zYxTnwV8ssxE3-EbTsbJzk-SfqWlNpywuVy_U7e7h_AFsLEtRoJSmACyDZVawy5K_EM5hrLoDuCjDKGaASg0BitGaVrlWO3TO3afyw_RbNITjeRquYbLi7cl2781K8Zs6dv0jxyuQdw0jijtwmtC_K7FNGEP3XfayBh70GCWCw3i83z_fEzro19dtv-QL-tUjBv7SwgQkzgdIlvfheza41iGD90-dMMpLYwyEBL-foupSkDCVr6W6tyjpbmn-Si85jgYgWqE60sKZ2I7-6GzrJPfPEfhQcoIIvfZqRk_hnNfP_dJdApo98vYN1BqTT11chFEiCiQXvpji_C5vmw1oXWRroG2p5MOJVLK4LtSPUlgdUX4QotfK3fbllhe833xIF8Niyxdgvxxi-RRurLYuc6-PkUTWMStBNa7p345KJapnNPzNMY4ZRDo2CqyYNvRFS7YkyaaD2S1QFjWcDbtdSkeNP_c9nWuckJiuaa8cYv5QaOeYQtXCSGZDfaq0B3h-22s_-g0KcShsAqHETQvRLNWRxFLISxgi8HndfLu2Ct5ruV-ENBiW4oeJt0aWxtYpLmqNNtcLUosbJ5j0xxZ-Rlvjt5FvsdgkHObYZG9DFXfGD3YQF-Hi_6Tw6bWKWFoq5lJlK4Q9oLBbEsHAPuUgu72-uhdBzaxpRQR28KGID-7vM_5g32zlMJYC1G2Tnf3qVzUrt5BBnkL5f5cqkD9Jyj6eRAmJ1RikYmJdS6_mixZ-qHEbyFhz4zc7jVkFHlZbzvErm5qxlx38u0iMnMfYXIwhiQfXW_FqBzMBv8h1bJoUbPYAuXnTwuHnIZlPtSWk2cyYWd3rVXYZb1yuUst0bjPUP7MfAYsHIRRnzr2CuBHbobCZY7kS4hJR4hUDlwHEU5g_Lp86iUMwyAzg2aRbJ6BuzhgOoQecvlwq4qJDD8gNTfiImth1vAy0Y0mwC_6cRzdPWTJz34zBp_zeDADLoLgxSomtbM7bp62AWlaT-6a4TDsS7wUWrfanrmpwJOqrItdTLAPxP1p3DHeVMgsbb6mSOC26npozhFktsvOEywZMOLjwIC9JRRyVjOvQpWNk24AQ_79CCn0Hguw0b0QneVIRSQm9SWEiunABp3p5VPlKtmvKucQ0islx-yWqGxde4dRaUdt5vBJjwb0I-r_fT-tBls9i1Bgz7Ykt2M8B9FOd-etZSssbr5ieHE4BWvKOaytouytxfJD1aDanJ6J8n974dx0BoXVVqwsTM74BAw3_aR7rh66CEGh6pVvpOSpR6lN8bLXiFwBvkK_4V-nxev7k02ZGq9igvztGNw1FfRElogqphqFDYWox1fPKrJ51teymc0_kCb16l0FAM1hLcTXLTTXrkAefon2Kgay_xSMbd2Jucdb6OoxpqihqgO3dUfRtqdkXen_ukz5yOQqYbTBpq-K4rb-QCuLBUsQ592mM7hOz03hTx4QRKtUEMfXadX-FSvtkQyr553xetv7xN3UZsX6D0LR6qMKn1waa201QE5skBjQmfYQvICq_C0VeCTu2WB9aeR7vtvk3jDvu8sKH1BSDAVNjzUUd2TFf_m-MQ0YmcYOeLFI_jvfckH7wxsvzIwsh-QXRY-xhrhzVWd2v-CFZ52pVljowfAfJH4jlxl-hJGhCAuP8a4rr1TMchE5x-GvjRkkTCD2zk1BCWGXiBDff8STptCWI2oRuZLJUX7nRlk5x0vqkepZp6WsqopkkTnnYMnMW9YbGOB-XhFQoeJ1RKM6ttXBjeA9ldyWY2iMuDXFZrz8WacbHmTNhppYcAw9U2MfmyvhVH_LSheWHIMnnnV2cn_1fKMqHN3xyLa-raqP9pCmmVUu4lEBVHDjgHCjRRbL9TarU1JoiV4RS_oZHF4FXYtlxeMCl-ebMu9me9Ua4J5nJhU_Y56GK7cZiJsUr0IwyVDXba5bT0LBQFtXGTwbjA1B2Q_KD2dByZ9LFb9dugTtpG-zCZSb5vjix57kiemLGirV14vZSS8aW50f9EblSBB70F4_J4TSM2q4QJWej-_xYkXudRY9onorD8pTFgnkbB25iEgFRotJpDfr1z4q9hgU3qCswY6wC3wcAcmaYbG7IqjPhS4JFTTN4hB8JWKQZNL4A5MAmHPVosB14wn-lbnvtmkvqj6f9sGQ5RSiJSjNMLoOu2YVAE9irALELUCnCYtpukSi2FqyzHySAfzPh42xuvYbmn6Hr3EbSz3Rkf-tMwdv7NaHJ_QuLgdg4aXfKFyxhsO_Xv7NVFT99yoQr9erkFqcvjdIB3NHnsr9GMHfmNC-zcsi-47YxelVt2daEP8lwxbxk_7Dj4YgHB8irp0Ls2ujdMNRSTq3PHM5hq5KupKFMEIZb5396P6m3g-Rir7Dq0Q9XV627zcbaWTqvm3jeV-tqXnpHlgajEYTdE-9NHNFYW0vLjt_Ja_YZsNl9luFKMZ8QJZUhrMPP6pXH_ta6mtfhQilIEvu1f-56PaecbBcCK1sdP6jZHRSrsysqMidY3O3dpvqB5m2C4CNZxNn1d9-In9ct5IIzlGKzMeunEI6aAvONUzzJmc1Ll9lbuMkCBZzaynNBbfm6D1P8ci-kUxqPB4XbPtJ2CzfQst-ge2Ugm6JHLsftsqZT_qdBSP85_H6jOTVSpX8f1xWc9TpTQ8QCuu4hTxoO9WW4rocPpcwEi_Px7GpkbP6HQdG13J9JsWld1Kqg6_7xt7DJ&cid=CAQSPABygQiDgEeBOYd7PcmxKcInOT2_Y0P8kxSlCRUVClnNSrYCvetgaMji-HqvrsYrKj723Re6pZn4OTAUXxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.firmasec.com%2F&ds=l&xdt=1&iif=1&cor=10432375854675466000&adk=1761367587&idt=100&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 94C5 28 KB
11 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:53:07 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 32FD 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 12:45:37 GMT
etag: 48472445140208031
expires: Sat, 22 Apr 2023 12:45:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF5E 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4549526156755&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF5E 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4549526156755&version=m202301230201&ct=76&x=1&cor=13115527702192360000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CF5E 95 KB
38 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cxj-ah3ymKl8RmTJvR_dbMutQ23XcaqoFHkHq-_Q7VYG9ze5mX_qu2F7NtGXVKuX8SGaaUjKD8UbC521kgG8irPnk3Gwax0QmziZWr21kwQsIKEhzImeZHP-b3dktTqmDk2lfzfWU8sPiFeQMzKBDDUYNTaOwK4_jL40JVXxWz18aK4d8&dbm_d=AKAmf-CfxqVSb6BU-zinS4Wq_tAqIb1LC0jY8Z0IEk3wHvqTut2jNXO5I63Ftm8URGUTGnCmyiRoOecYdP198C2thDJUGmdl1fBkhba4WAr25JTZVCO6X9_qyWwSTZt6TwCzlxNIZGLDh99wgfaXqFpLMOs6k9v5utUhNy5fHWYUUM7ma65dTvZEmEbNYSadlOaJ0dg5X0mE-n-LwkcSjx67_aXfovvT7gLzjSzTbDJiKoPMGvNI5zyq2QQT0Ue-cjf26z7aXi0yt7gTZ55lWj4lydMcBEexpnoUNnD1EICh_n0F_3wRR6-d0VAgW2Bh1OksaU7GYDEx_YhedJt23FhfnhAeMqVUoPN81-0DFZe6_Hmzs-aEnbGsR_oJIbmnqV95tpzawOh-VhPBQefJaMgvo9_zZNM57sI222wX4wmBMMMH3-LKsQUoxN9hwib6dfQC4KtU8T7gcZtpPo-SbDzuWWQMMFhyJXKmGEQQF27cLoKMCWGHRmhx8xlrdYy_QgrVDA5dvkvjxqdchhL_6j1bZqpe4qVLQ6zIEk7afKrjBptmgJw58gpg7h_oW3Xf5Wwxs0uAtB0LdwzUOfAYsIF2MvmtwsV-yGlJVoKoIiLvlpdYZSB7yShmNuw0mqgskrMdApWmlkQhJ2eySCTfpfXdqYUfSIYQWTKbVHpJ2ODWCYqj2STFuU2dWAQd6nSQortFkF10hnfNKXFgVIRyUyunELxRzj8gihJnJqHHBGDF87wzr9CDgcqYi_0JSAWk_fhJFB913JZh-5eQ3AQbN9ejnhbKoDX_cR_VUvF1mhkUfjwlE2yA2pO1pkRfhVDlmignPFdL0Wsq2M7AFU3-65cGm-1GkLhgCEQidDHeNopuNXSj9eMfCVrt3H49jh5vWMe03YNtlostJOWzqBHAlPF9ypRzOWHd0r-cNAwY6FUOgfH1adDBXktsCewVjbALqQx8RcA3t_qP9Z4eSNzTZIxr5UEg-pgbgf5KTkgrnS_X6eNowTcewAMNIuBd_wEkfd1-10lFweSsLLDuQhxr5HFBVz1JXbz9dD5_PC5COWRe3pueDD02uIH5mTYl8qdpqhxFfiOSnHZVhkSTCfC5bbZwHW2tL4IZ-zfUxaTVjGFBjKwsQajiQ4q7PVC67maOa8Q3buROPtyCchloHIRuZ5zXA2h3gduJG7r-cr5w0TbuubQLIfD6labs6kJhEfgcWtQmc5XZFMw-IPBtFdUW8LqpZn2MtXBt_4eQtAajG9ttBaAGjObqBLP0Gb6ngkEXaE9ZkCsWlvVuLI1D1JqRuwQD-aRSV6x4Qxw_3H4ng2TqUJP7GUmn1ISM1D0N-SnecBUIdyHfRhFf8jCC83C9SXdEAlo-JEkJMBDKRZpkPuvYL0016MvDGTIHeABLqMVzAXp78M2xmy6bVHaM9OszQ-3qtpyI1Defb8JuOBNw684POijzj_kBzdTaWjuYVsYBL8TLI7RmcHTu31OFH-kokE3GIcOZ8afZGA1PrQuwyA_-saPEujcmr3fQRGBZz5WvO9lCj00N-9Pzt88aJABm3E_pYJ_B-OKZIqPCC_mMBoIUuZUajalb-arHy9f59FGPeMagibioIYj8UvjacQU0_61LWP9Qj_JkaJdhBZVhg2WlQDn9N6eM3Bdny87Y5AD1aHUgLelwlm9CuUEkgIU551EKTJwB4-QbjAdduBiiSUmUEGEZR3va_s15NuJ9YyEZT-3iFa42trfdUUBmiFcbkXLwbVadHzGPQrHuunrTS42MVS4WJ_rIAM_1gqfvkF66K-QN-0QotQVNEgXSkC-2smZEt5eShiPTpFAy6dTu9hUvLYSL60yD5GBR4nYN9peKqPE7exvupvHS5p4_8R3uDtXHYn44FbEHSVau_4oetSV-nmqSoTX8HsOoiwU8O1Qjx8XoFybW2Wo3idrl9vt9MHDUIa64-W0Lp8BbQkPznhKjDFBf_Bmq8YIW2vQZDgdkJc4T7qN0Y52G1n3tVeWIhtdvFDFt4TAxUGmWfS0jqHWifziNmKFFN5-j5gbb5BxNC3ePfraa8M049HSiYEeG6P-93H5DftbVmO9elSnL10aVM9l2UpEMLfus_jC4J9mTYFI-K-9lbVnXyR0A7ZOGdAX_U6AhpLmva0Ti8YMcL0FdbMGwo-o17QU-Bl4oxgXw7MtXNQUL7x1E4eZiNlL2iR9wNHBXC0TAv2s8uoYHZws9aNqrO7t2NN9bfhb8nJv9lSg0PXMvpw2ecuxWPfRPQYRBPAax0EVif-eJQhkzOZ3I1TfRYYKXBoPbphREi7-clWV6mRBS2gwsOZzTRk6cUiqJUe3awng7Yr_2tlfCdQwzcaFOWO-L4v70PuYvwj-zUHjfTh9OsAi0Y1rBgEvMht_P6JG_EWwSuqfeZ7cZRm8BN3McSDia4O08HKMztkYUgpS_wPfKxDLuOFctIaYBCz9yfTl59lh7Hh0-l8rx42A1qbCFoI34nLKoDSw5PFsBJfl0GLg61_wHS-dg45vwsuxukZ1wc0eOKC5msgf7ZREsuRsIdJW0CPG_FdWCuol2AGsN47Ow5nfnAEK10q6ETV_QEkvWIZ3k7pUj7xOZkgWU6SzjqzgfyYwiI-YvI6fzyczNS5vZNLmmWG2L1lEH0d-9UCQeR_ucqj74NWmml45iEEGZOS9_V3o5GMNaX2gISDg1Tn_n4NQVGpDaXVtaQP6xvicHJ3_IgUULjjC6-LzgsmJH_YrkaI9GA1XjwK7s9EYj8XVO7AJVnr2qUHOrOKKSmiGT9K_4KUvoAC48pKNLJBbIW3OHKLOECIzeg9lUPEJIyynUm47vGbaeultjtZh0ebAPeur9REAf3it_s41aPDr0OrRkih-yc-VV2rjcA4dDxlFfd7JxUFr7Njvd0vteQnJjUHVb0W-KEWY7D0jLX_1jXE0TGGBxxVLpCEwe7j2UuvN1qfgS2PZ3rETnuCqFafmtBICaeEVg8rvKAhEQ0KFi2Bk7jwtDShPZ09klqQTYk2HFucf8OgU6WVY-4Qx85c7rIUONde1_1LtcJ5by9Jl3bBxcxeh5wLPSgqCo_GZ4JbWtua_YoLkCttHgvJnM0xJrJwrIhClpoWHn3IezElma-_LEUzNaDrIYhZEif9nUiM70ZjBq23H3by5_WpDuzR7pXju5x7LpzM4FMOR6dj8Ck4ddlyDoDKgVSBLQQX-WRi6WSEXsCl2BSa5A4tsfDeBk7jBesjnZfdilRS61OppZIekEnRZbcEYbxBkfVUzag32Ji1hzwiEdpNIZogKPdm5c9vFAZg1ICtmia1-XSqQG2FgMhhatys51WtixVUQ8WmIFhibqRgfzoNX8-vkyK4-JoCGdfkx0u_AfJNijcA_9nRVyXfsLLF-w83YOJXiBGeqxR61QgoLH6ENodmPZecYdGWKrsxu_k2gBh4NvA7RciFIlTppr6W2sdC5QimVm89Bn8Z6Up8vwgIoHxGJI94aFSsSNgJ_1VtKtv91nzTRqa_kv_gbQ5m1fJg8hqqag85KOVoxj0uyV6GRFf7-l0_SLidcxrAkGeFUmihuDhJEtM0OiRjYfeMxA4e5ujBlhFqTNlljV&cid=CAQSPABygQiD8RLYYjQQ9tNGp8nO7jGNJxiHDAL6dm7AEUiw5UF-Qn0fMA_Q8mBsc8y0orUE-M2pMJVdAmYFSBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.firmasec.com%2F&ds=l&xdt=1&iif=1&cor=13115527702192360000&adk=1726166460&idt=206&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55c06da7948a9d70de0ee295a888c212e4717ba8dc344ed28107d3875315e201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38406
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3D97 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b38626cbab8ac7b39f4875f6d7756757561de32f388285411e1c14ecfe05e56d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame BF29 243 KB
73 KB 166ms
46ms Script
application/javascript 34.254.57.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-7403327254807716&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.firmasec.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hMGvMvQBd1c8q0MOjOOlUF
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-57-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bf06d08a43ed14a2757366e266f4b639b712e0f6fe039e8eb0d31e777c0c196a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BF29 106 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 12:18:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame BF29 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARDIKa5lsBy-tJFVfJVWtZO1ccQ6rGPr-UITmNdsGgmAI2lqAMVSRU15UxGd5E_9TU8TeTnXl3fwZTx2YH3Y0RhGZm6-ZE7TJZrZzmf8SBEUpviz-7ZeqyURUd2jQxSnW7EiVOvaYzNDl_m4EUHPPtveU3aj6tJtTcHIGQmTj-ROwOwuo&dbm_d=AKAmf-AiAYd7nkL39n3OReeaw2eVDYRFfhPtswQnAg9fSr9ev_2Mtzl4OObsqQt0TAxtkX6WIC5yD16nR6IjIeaL9X7DiW1oG8J7uBw-sZwJXdwS-n-rdPgp1Dhyh3s1H2KvFpOX6vFfbIRIAo_iG6suppAFVYVPhNSojbyWgixPpnhGm7lfCOVvIyGlZWcuTBMQ3LuErGjoQTuahqwQShCLo2l9oKfr16MPEGArcKaA2OWFZwj066ks_DVKb7eWANWXAdWk1hNJnYGPpk5gsnfnGWPGbCNHzSEztwVnovIPvBKEAGhJjzvJmau5Vh4iy_eaANc82pJZLaOr7vL1_nLBYzyvWqrpI75h4RSpNHswVCMIA_Ray-i8_p3dYrohmNF0x4lQE5WAvP3ixq_VPatiwbmSE-T3h7mSZUlBNRQduZZJLiDWqdAJLCNswH0_yM4pDVxL5aGW1O03D5TM_heImV0NYtm_hJUHQoWycLLjgEyWS8LQuHJLH6kNtVLHJ-7XRtWZEfJCDNTz7ZX9FISJTdqbRme6vnIYI_kiUKZPL8YCk5qA06caum7zANhFWbJQbpEMmx8syi4f5ULzKgQEhvIlLKphIMXoYp6FCVyT9keW16PsV1ldHh4tRFr-XQe-xzdv4AbJcBsAauE2FWHdf9n8tcomu9QihzX58Ax1uZM4oCNKhPYQJNzZjYDWUdJFw8bvpwqzJPUDC9x_yjKBvCn9a8k0ma11Y5BI40iWpElE3kcdanOQ4yF6-aFmrcSh3zCwWTq3BF7Z1jyfHf8GDSN20zbV1kvcEQHt9zv8U5Tguhhf8hv-L1nWos4an7XZMFODcnCKhMY_1JBFL5d7o3gKsjWSh9e3BGuJyYWHywbU88V54h53lb9xuh_tjpvMifoLaylO0GzmefAzsAhmTmO7MAOYiJ4cmEEMbsEn7lPG92WPXS0cyDCy7_qEqYjTFoi2zQnDwXxwBwXLaNPshhaX9YRMxkjvffwg8sYN3QXk9p4hXEvdSQZ0Y6U_UDzJCSQqA3R108hvYAjPfzUZPE1zosghfLuAhZABOY8u6b5w4MQkp7EqpJtao4yheCfHBC48jx4NpyInHOPD9mwQFLxZARrOGT_dIxBPDigf-wU51tIA_LkbwGgH2DlDS3YwyN5sfsq9p37XfGH3-r0M1GjdJAo8PSTf7PHOjgS5rz2UGfb49RuWKMCgltNqcLGsye-XW0xmICP5MzwC1V1zO7utTQ6gVRK2btWpg_rZTIuaNQ2zoSJ5e02YgsRFlZPHdh3pLa772D-Kep-ox4RvDv9y4doNHt45N-uV0rQrlt4sQTw0XrMvwXbO37TkessBYsbhoB10x2uEk-o_F_wYSQiGGOQWp0u36B-fN1rSEx1rbwjeFMSkpMhsZDuSMgUowTYELPuwCUGdxUX6xsLY-1dMvt_QABhQ9cHGH_-KbBVVJR1f-vuey43cr2W_Ev4M3iUXZFwkL77N5aRl1CEkNFulD1mu0FpPCZYIQwAe4SlfDlrt1EBxr9hvIy1e_yefrSaDdkl8GZ0_snnRFzb5ADZACAvHNZnMKT6vIQLUARtimRE9P7H0-F0lMODPLedzXAYUP3QZAT9eaarcM6qI4PmUWIsrZT4BSlEOKfNIBUP2QYUZbgbnRmRmeZfnHS3vNP4AmuweewQLIf9fNVny7cq1L81Oa2Odu_LXL5T0Pe09i2YmxiXHecjAVhH9Gzhv0qs9ULTIRf4zfGNpclQOKRn-0iUc29SF3o1VrlYOtu2QDKW5mKmd4uyFBqG30z69n_ITniGKSU9oH43gF6qAsb_QfysK7qDZuf8wvCTfizroZUeX-iTHN-Xv0RhrjC256Q9Dz1DjgCgBjOwnGBbalBFdWqeewAEiXuycJrim67had9HUUAgi73IhyIi2rMBU02ExX6Q2FVtEHNhLkp1D2NjmJqypopr2FgOZmiRuDeH43osVVpCWr15rwFmd3X6cY2_nKJgqNV_o999b7YYIK3h1yQL8ypBp8jdyRCxf_rE7MltefjDmhDuLNVZ-1ItdU3d9dyK-2nayRifqYo-c6bU5v0bFBsRpBRE9Eb8HZSD4_kKhoeCcysFzGiYHWX8I00MVNZJ5FuHzeX8XsiXG5M5iNqspV5FQU15vi3hRE754pJwwvoIxgstT_AETyc3rVKzp9yd9MAKOsIfK3148JrrHjWpQWtWO7zx36a3wHywOPu8zyqQbFn7UvJGmuxHH_bnkJABCeNN_6ehhl4oWU5eJ-cosRo13YPii4P6Q4QFrWt-do_UWZgt-0moJobD_Q_F1cSOi-6gN57Cv9-JxuUMHMHY0Qs36xOc68_dIljePoS1BH2BgxT2y55KPA2uwXwdZVEyiC-Tb902a0tvGFrZpkzgm_XalYkrlUr_FUk0uuh__kRmQ5vJQYD7dnhnOpdmm2GM8KbNI9fZPUCHscANdDcyfIq9ruE4h49VvzN8nidEzT3V1DqvL0AMsgO2n-el9OqmCpnEH42Ofe-M2JoU3T1m4Ro34T3YgJA8rhbW6ZIpfx9ytRXl-ZAmmZGyHgpdGQ_tnUHfi2Jpz8h02z3kucnp8Tg3AJTqJvrhk2WCY5WEoadhtkDH2NVrtPd4I2rBMGk7QF0jC2gikMGien7CfPWv88_kV1XvU7Mkwo0XkCqljiGvQG4sBqVUfGSUW71jbuApnZVVWH3CI_djz3WrGAyaf0T7vSu8BNRfLEft11SS2Ah4BoNE-QhvMBstUtj5JHPwyUsL2ptHmzMOJL1Ey3AviY4ijnfjepM6NYlwlM5aw5s7_pfdtDOnzs4Q0ULiItvY86S76iDhv0RZIvL4i_44NbMcs6tHkHOrUvIBB8_sT7vxNdwXJNerAZl8PGUuxc9Zgq53qzX90yTxofDO62wdk6j4n_v7KgW236ozBhgEgyaVxXv4WnUTlKIyZA9AeBdvBAAUI4enX4eItEeTCl16vZjvgL8hDo1jPnx-ld1n_ci7WP6hYjpUe2BrgBRcgUaAt3jqVVajdAtx5BOOrnesTpXQEfd_e3285UQtHPj4KNJm3HCQ8_r_k-VdZU9o7edniShDBCQynN73qSRbH1O_u3H_iPvBpiPPUGAcuGqlYw_DeTsUT3u4kRV2TA1cvs80n68bAErk2sDXcmlADGocngmsn2v_hSdZMH17AeGkYj1YfLvNwRpuTr8_h7c91SkyTfEUGfNXOZkieD-ni4SJLqhNQ695PwXpR2F_o4YyPTqVndRVwxpzmzrpzV53vhD0fHzS5TD3bQjlfQ7V_SjZdtW_mnJ5rEQhZ7SmkENaWoUnQ7DCkiWEzfupbnCPYJVXTOXjWjwdJvd29yHXFzg1z0JaW5ZVi7ZyZFP3DkZMZ-ynMjvyfT0zMdEmjx7MaTSMb6Zr-bXBGD5lcx_DM9Q5UvoE1szFhq7YVw_7UZ_-JcVcAI2J_djmKf3XGfYKTMl54Lx6cQTpLIwZFlWTakJDcMJ8Zukfy_SQJX3EyG5dE1miPPkah5fLR1XGvr2_J7q3vEvwdmWud9BZWr5GikXhliNaiMlKM5dWF86tsQbNdRSxySb9zculXTCVnmesNzmr8JOMxxafLAdB66hqEsH6ukw&cid=CAQSPABygQiDNM-MQNk0zG2xYuzF4yPe0YyxPwXZph4mr4EWgOPEWjaoJDHlvb1MagsEvhbYZFukVmi1s7BplRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.firmasec.com%2F&ds=l&xdt=1&iif=1&cor=5842280230269590000&adk=497053795&idt=161&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame BF29 28 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:53:07 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame CF5E 243 KB
73 KB 114ms
47ms Script
application/javascript 34.254.57.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-7403327254807716&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.firmasec.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hJvaOErZEWjZCHcaAkC2eC
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-57-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 90f6219cda3c15b024187b902ea1ba6230c72438151c0a66af502e79a7d9c28c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CF5E 106 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 12:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 12:18:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame CF5E 11 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cxj-ah3ymKl8RmTJvR_dbMutQ23XcaqoFHkHq-_Q7VYG9ze5mX_qu2F7NtGXVKuX8SGaaUjKD8UbC521kgG8irPnk3Gwax0QmziZWr21kwQsIKEhzImeZHP-b3dktTqmDk2lfzfWU8sPiFeQMzKBDDUYNTaOwK4_jL40JVXxWz18aK4d8&dbm_d=AKAmf-CfxqVSb6BU-zinS4Wq_tAqIb1LC0jY8Z0IEk3wHvqTut2jNXO5I63Ftm8URGUTGnCmyiRoOecYdP198C2thDJUGmdl1fBkhba4WAr25JTZVCO6X9_qyWwSTZt6TwCzlxNIZGLDh99wgfaXqFpLMOs6k9v5utUhNy5fHWYUUM7ma65dTvZEmEbNYSadlOaJ0dg5X0mE-n-LwkcSjx67_aXfovvT7gLzjSzTbDJiKoPMGvNI5zyq2QQT0Ue-cjf26z7aXi0yt7gTZ55lWj4lydMcBEexpnoUNnD1EICh_n0F_3wRR6-d0VAgW2Bh1OksaU7GYDEx_YhedJt23FhfnhAeMqVUoPN81-0DFZe6_Hmzs-aEnbGsR_oJIbmnqV95tpzawOh-VhPBQefJaMgvo9_zZNM57sI222wX4wmBMMMH3-LKsQUoxN9hwib6dfQC4KtU8T7gcZtpPo-SbDzuWWQMMFhyJXKmGEQQF27cLoKMCWGHRmhx8xlrdYy_QgrVDA5dvkvjxqdchhL_6j1bZqpe4qVLQ6zIEk7afKrjBptmgJw58gpg7h_oW3Xf5Wwxs0uAtB0LdwzUOfAYsIF2MvmtwsV-yGlJVoKoIiLvlpdYZSB7yShmNuw0mqgskrMdApWmlkQhJ2eySCTfpfXdqYUfSIYQWTKbVHpJ2ODWCYqj2STFuU2dWAQd6nSQortFkF10hnfNKXFgVIRyUyunELxRzj8gihJnJqHHBGDF87wzr9CDgcqYi_0JSAWk_fhJFB913JZh-5eQ3AQbN9ejnhbKoDX_cR_VUvF1mhkUfjwlE2yA2pO1pkRfhVDlmignPFdL0Wsq2M7AFU3-65cGm-1GkLhgCEQidDHeNopuNXSj9eMfCVrt3H49jh5vWMe03YNtlostJOWzqBHAlPF9ypRzOWHd0r-cNAwY6FUOgfH1adDBXktsCewVjbALqQx8RcA3t_qP9Z4eSNzTZIxr5UEg-pgbgf5KTkgrnS_X6eNowTcewAMNIuBd_wEkfd1-10lFweSsLLDuQhxr5HFBVz1JXbz9dD5_PC5COWRe3pueDD02uIH5mTYl8qdpqhxFfiOSnHZVhkSTCfC5bbZwHW2tL4IZ-zfUxaTVjGFBjKwsQajiQ4q7PVC67maOa8Q3buROPtyCchloHIRuZ5zXA2h3gduJG7r-cr5w0TbuubQLIfD6labs6kJhEfgcWtQmc5XZFMw-IPBtFdUW8LqpZn2MtXBt_4eQtAajG9ttBaAGjObqBLP0Gb6ngkEXaE9ZkCsWlvVuLI1D1JqRuwQD-aRSV6x4Qxw_3H4ng2TqUJP7GUmn1ISM1D0N-SnecBUIdyHfRhFf8jCC83C9SXdEAlo-JEkJMBDKRZpkPuvYL0016MvDGTIHeABLqMVzAXp78M2xmy6bVHaM9OszQ-3qtpyI1Defb8JuOBNw684POijzj_kBzdTaWjuYVsYBL8TLI7RmcHTu31OFH-kokE3GIcOZ8afZGA1PrQuwyA_-saPEujcmr3fQRGBZz5WvO9lCj00N-9Pzt88aJABm3E_pYJ_B-OKZIqPCC_mMBoIUuZUajalb-arHy9f59FGPeMagibioIYj8UvjacQU0_61LWP9Qj_JkaJdhBZVhg2WlQDn9N6eM3Bdny87Y5AD1aHUgLelwlm9CuUEkgIU551EKTJwB4-QbjAdduBiiSUmUEGEZR3va_s15NuJ9YyEZT-3iFa42trfdUUBmiFcbkXLwbVadHzGPQrHuunrTS42MVS4WJ_rIAM_1gqfvkF66K-QN-0QotQVNEgXSkC-2smZEt5eShiPTpFAy6dTu9hUvLYSL60yD5GBR4nYN9peKqPE7exvupvHS5p4_8R3uDtXHYn44FbEHSVau_4oetSV-nmqSoTX8HsOoiwU8O1Qjx8XoFybW2Wo3idrl9vt9MHDUIa64-W0Lp8BbQkPznhKjDFBf_Bmq8YIW2vQZDgdkJc4T7qN0Y52G1n3tVeWIhtdvFDFt4TAxUGmWfS0jqHWifziNmKFFN5-j5gbb5BxNC3ePfraa8M049HSiYEeG6P-93H5DftbVmO9elSnL10aVM9l2UpEMLfus_jC4J9mTYFI-K-9lbVnXyR0A7ZOGdAX_U6AhpLmva0Ti8YMcL0FdbMGwo-o17QU-Bl4oxgXw7MtXNQUL7x1E4eZiNlL2iR9wNHBXC0TAv2s8uoYHZws9aNqrO7t2NN9bfhb8nJv9lSg0PXMvpw2ecuxWPfRPQYRBPAax0EVif-eJQhkzOZ3I1TfRYYKXBoPbphREi7-clWV6mRBS2gwsOZzTRk6cUiqJUe3awng7Yr_2tlfCdQwzcaFOWO-L4v70PuYvwj-zUHjfTh9OsAi0Y1rBgEvMht_P6JG_EWwSuqfeZ7cZRm8BN3McSDia4O08HKMztkYUgpS_wPfKxDLuOFctIaYBCz9yfTl59lh7Hh0-l8rx42A1qbCFoI34nLKoDSw5PFsBJfl0GLg61_wHS-dg45vwsuxukZ1wc0eOKC5msgf7ZREsuRsIdJW0CPG_FdWCuol2AGsN47Ow5nfnAEK10q6ETV_QEkvWIZ3k7pUj7xOZkgWU6SzjqzgfyYwiI-YvI6fzyczNS5vZNLmmWG2L1lEH0d-9UCQeR_ucqj74NWmml45iEEGZOS9_V3o5GMNaX2gISDg1Tn_n4NQVGpDaXVtaQP6xvicHJ3_IgUULjjC6-LzgsmJH_YrkaI9GA1XjwK7s9EYj8XVO7AJVnr2qUHOrOKKSmiGT9K_4KUvoAC48pKNLJBbIW3OHKLOECIzeg9lUPEJIyynUm47vGbaeultjtZh0ebAPeur9REAf3it_s41aPDr0OrRkih-yc-VV2rjcA4dDxlFfd7JxUFr7Njvd0vteQnJjUHVb0W-KEWY7D0jLX_1jXE0TGGBxxVLpCEwe7j2UuvN1qfgS2PZ3rETnuCqFafmtBICaeEVg8rvKAhEQ0KFi2Bk7jwtDShPZ09klqQTYk2HFucf8OgU6WVY-4Qx85c7rIUONde1_1LtcJ5by9Jl3bBxcxeh5wLPSgqCo_GZ4JbWtua_YoLkCttHgvJnM0xJrJwrIhClpoWHn3IezElma-_LEUzNaDrIYhZEif9nUiM70ZjBq23H3by5_WpDuzR7pXju5x7LpzM4FMOR6dj8Ck4ddlyDoDKgVSBLQQX-WRi6WSEXsCl2BSa5A4tsfDeBk7jBesjnZfdilRS61OppZIekEnRZbcEYbxBkfVUzag32Ji1hzwiEdpNIZogKPdm5c9vFAZg1ICtmia1-XSqQG2FgMhhatys51WtixVUQ8WmIFhibqRgfzoNX8-vkyK4-JoCGdfkx0u_AfJNijcA_9nRVyXfsLLF-w83YOJXiBGeqxR61QgoLH6ENodmPZecYdGWKrsxu_k2gBh4NvA7RciFIlTppr6W2sdC5QimVm89Bn8Z6Up8vwgIoHxGJI94aFSsSNgJ_1VtKtv91nzTRqa_kv_gbQ5m1fJg8hqqag85KOVoxj0uyV6GRFf7-l0_SLidcxrAkGeFUmihuDhJEtM0OiRjYfeMxA4e5ujBlhFqTNlljV&cid=CAQSPABygQiD8RLYYjQQ9tNGp8nO7jGNJxiHDAL6dm7AEUiw5UF-Qn0fMA_Q8mBsc8y0orUE-M2pMJVdAmYFSBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.firmasec.com%2F&ds=l&xdt=1&iif=1&cor=13115527702192360000&adk=1726166460&idt=206&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame CF5E 28 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:53:07 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 32FD
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1&google_push=Aer7DvI5xUM2mUZ1y4-si76yh9dEw9QaQ3io0z_xz396WsoYxlFCCnW-3A1uXB4uCtZse0ZB4U0MOk-28n7lji1lHnlWkITdJZn_39E
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzODc0MjI0ODM0OTE5NDE5Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1

43 B
398 B

92ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1
Requested by: Host: www.firmasec.com
URL: https://www.firmasec.com/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32FD
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED_rZLMWl6zB03znKO3R8RI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED_rZLMWl6zB03znKO3R8RI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESED_rZLMWl6zB03znKO3R8RI&google_cver=1&google_push=Aer7DvLTDdSqrOXbKaRluLW2UiiK9Mewmyt4jOuSgOg1AxO...

170 B
188 B

47ms
46ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESED_rZLMWl6zB03znKO3R8RI&google_cver=1&google_push=Aer7DvLTDdSqrOXbKaRluLW2UiiK9Mewmyt4jOuSgOg1AxOOyJl_FQU0WPjADLZSw575eW9HbHkpcBL6yrrETtXhQ6H14m7w0hBO888

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0a06c616171ab44f5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESED_rZLMWl6zB03znKO3R8RI&google_cver=1&google_push=Aer7DvLTDdSqrOXbKaRluLW2UiiK9Mewmyt4jOuSgOg1AxOOyJl_FQU0WPjADLZSw575eW9HbHkpcBL6yrrETtXhQ6H14m7w0hBO888
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32FD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBZZiHjta8r659Xl4wHIPTU&google_push=Aer7DvK9VuYTapvEy-fyygD4NXtB2Fux865r6RFNY7DqoQNO0BKrm4JDDx...

170 B
188 B

40ms
39ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBZZiHjta8r659Xl4wHIPTU&google_push=Aer7DvK9VuYTapvEy-fyygD4NXtB2Fux865r6RFNY7DqoQNO0BKrm4JDDxBIeWVGQEcoBxbwfRZF-IzcEXwo3-XhwNXBuGBNC2IIDB0

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220055-HHN
pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1682117503.961612,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBZZiHjta8r659Xl4wHIPTU&google_push=Aer7DvK9VuYTapvEy-fyygD4NXtB2Fux865r6RFNY7DqoQNO0BKrm4JDDxBIeWVGQEcoBxbwfRZF-IzcEXwo3-XhwNXBuGBNC2IIDB0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32FD
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJy_gGruDke2JGnO-pcypWc&google_cver=1&google_push=Aer7DvLf9sWXugOD_RrORSAjRjewRSFw-WphnXaEzLyAZiBmHik7sIMUJWesWxn5wBJnKTTckG6QzP3t4WX...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLf9sWXugOD_RrORSAjRjewRSFw-WphnXaEzLyAZiBmHik7sIMUJWesWxn5wBJnKTTckG6QzP3t4WX136wcHD_RB8B5oZWiOl0&google_hm=4smV059iSFiPlMwN_...

170 B
188 B

35ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLf9sWXugOD_RrORSAjRjewRSFw-WphnXaEzLyAZiBmHik7sIMUJWesWxn5wBJnKTTckG6QzP3t4WX136wcHD_RB8B5oZWiOl0&google_hm=4smV059iSFiPlMwN_C3-9BY

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLf9sWXugOD_RrORSAjRjewRSFw-WphnXaEzLyAZiBmHik7sIMUJWesWxn5wBJnKTTckG6QzP3t4WX136wcHD_RB8B5oZWiOl0&google_hm=4smV059iSFiPlMwN_C3-9BY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32FD
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBtTh_8nQOawAntVLrGMuBo&google_cver=1&google_push=Aer7DvKSpe-CfvP96e8H2IXkU9Wo40vbTePH9yVB2oVF44veIMjnyPwcLP3w-25GneG2UAtuUq22sMr8MspAjynR...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvKSpe-CfvP96e8H2IXkU9Wo40vbTePH9yVB2oVF44veIMjnyPwcLP3w-25GneG2UAtuUq22sMr8MspAjynRiqLc9qwZ4i1jIxc

170 B
188 B

41ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvKSpe-CfvP96e8H2IXkU9Wo40vbTePH9yVB2oVF44veIMjnyPwcLP3w-25GneG2UAtuUq22sMr8MspAjynRiqLc9qwZ4i1jIxc

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 22:51:42 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvKSpe-CfvP96e8H2IXkU9Wo40vbTePH9yVB2oVF44veIMjnyPwcLP3w-25GneG2UAtuUq22sMr8MspAjynRiqLc9qwZ4i1jIxc
x-host: tde-deliveryengine-production-64c8469d98-gqz9m
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 32FD 43 B
351 B 80ms
29ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEL1r_Lt0Gmm4IJwZYBNNusA&google_cver=1&google_push=Aer7DvJc0lrKLpBIXRMDZ-Wd85GNhwYHMLAv-YmWAHi20M4yRqRJ-ObdDq-F9jxc7gmCmH0km7_9j1OTUBwKoDGLiQ30CAScGvW4-KU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: rje8q73uaf4cqg4fev0lhpr22a8q3kfs

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32FD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=viRYixRjQmyS1UGp9GJ2Rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

39ms
36ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=viRYixRjQmyS1UGp9GJ2Rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJJfteYohJATlJ94vH4df5dZzeuhcyZC_N8dcP9hfs2sIYxWzeUI7mINzpK1JoRhKEkYSljZVK58_7tQ_U97lFl7zwcuZxevg

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=viRYixRjQmyS1UGp9GJ2Rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJJfteYohJATlJ94vH4df5dZzeuhcyZC_N8dcP9hfs2sIYxWzeUI7mINzpK1JoRhKEkYSljZVK58_7tQ_U97lFl7zwcuZxevg
date: Fri, 21 Apr 2023 22:51:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 32FD 0
12 B 34ms
32ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IU1mbtbqBYYrRfWkdvRdCt7Q5GtpUDl2ya6YY1R188JCyRp7QdhLUyIM2oNy0H2B0_C73n

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 3D97 29 KB
29 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 21:56:08 GMT
x-content-type-options: nosniff
age: 348934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Apr 2024 21:56:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 94C5 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:50:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E3EC 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 12:45:37 GMT
etag: 48472445140208031
expires: Sat, 22 Apr 2023 12:45:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 94C5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f077e893b9b57d8b1702c55f1c47ce616fa84a5c4e7f3298e69dae401089f8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11934569601524222564/ Frame 2B3A 13 KB
3 KB 73ms
29ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293c4dc30efea546e286c0185dce44c51099dd75f3486716f08547a8df84d6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2688
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:43 GMT
expires: Sat, 20 Apr 2024 22:51:43 GMT
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 94C5 0
0 156ms
70ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuB9LfB_l_WXF5ZN31e27nCTfsqmMkd0C56JdRijEdusRVftCwNzi2mGupKTbCyXAAE9ACiCGqnoXdlEATYfwqgnrTJamrQ97nauPq7imG8yAuhkdqxhgbTq4_-cgbZfwzCYL_gEO1ZYt-EmOe-5vDW_566C5dj4H5EtHOtpsXq96N_lKfQHP6oOVHeE9hunacKLJqHVCvEVBrpaRqcLUTyzgKeVTrDxYZhA3Y15xowwYl4mQDhy-mbc_VLjGhg1LgmoWC7VYet7d4Xf29WskkohP4mVaFh_Svi4z03vHhms785N_yJiE0m3tJ5gGr5lYoqmDiZEo6ddGCBzOpprLAGfW2euoOaDXCCSBMNW2QGMVQVu9e8saxwvXl5q5h2MHlNKszBCQ0bTF7kTF9tf73YRA_B9nj6RIzJY4_scdQQelsYXuE6OcYQfPw23fzu1mQLx6aZ1O6K7UNqpTu9xv_HD7sdytgByK6IAGcn1j2FxqgwgLiPDWsiq4qUj-lsdXsMm22rzMirltjHY2k6wCtYpmrmLriWloGvUALIeqFBBruA9UzS--S9c2BkJ6yW4Sf-uOHcuXvS9gOsY9jWGnLrlGu9Q0R17jzy-jYLmgFouNXZgCTGLP0eSPv00RG3TPwBR-a6YNJMiwwbYoul0w1SbnNwhSVlppr_mrl-OHG1GaOOApkOw6a0RHbIPcVHE45iyltYGkmhGymubu2cdu3trq8SpQySrFHy1Uya1oe9OqEyTOGJmKg91ICTyfWDS57TBeatt9KRy27XblezwxbxWYEqPY6m73oI7zM0V2DZUaOVUjeRhXEDnAW3wx6e_OK1eKRCTHl8yyKbw-96P8Fd7WPOOL7f-l2gyYE3loHUq8oK34vscqrU6sWmaeNw5wg1ZRbKqK7e5_2rLoLaumCtLGSt_FXMQt8Yo-1tPUTNZjbDxqEfp3D-2mAwoJWFTLlcG0F7BTuQxNUvznJvDOW580cDDILPnqVhBQdfGAXel6f-hS0O89uKtvcsEjyYGdHSqOM0BfBvFSYTkE0kNbUIWwHD8fw0aPodAp3nzBjcze1HpTnZlP35HD9WeFLXV_zHJ5wix3Q9uiw3kZwhNOqmuD3Nks5NedOkB5e5I1gad43hOQuvLJd7yZlrLSMuMBx__C2aUDJdiCejDW37U8Dc1Zo9qkkHx41CSoQ3M_FJYYnuUnpoPMNyXVgSZFIxdYspb9jnxUdKX1O1sEXuD8Mr1YhUAuoeR_Y6gyXT8JLZUzWKe14d&sai=AMfl-YRozzyyxCJTP02U0QSReL5VX8zImQrYG7--X1Dhv-ICEl3Tt22QPMwzhOZVoIj4pc_AQqn3LtWOm38AdrOO7SpEvN0zfrXe1d4RJ0ijTGCLI2JwuvA3GoaNclUjleoRrLruRlqgAY8uKUxICPxxO-p5khSJc4cZ5_DS0EPsk2B61FlB67hxHN-m6zGJSoDAYxG_V8XDkjtbBdFoZPL-eo1RDYUkryW3QHCwJu6vATgqae8LBSOpPcJnnhgxDmaIUMdr2xbIralYYDgZ_UJbYaymXj8g0VLA&sig=Cg0ArKJSzD4EHKqTwa0dEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=318&cbvp=1&cstd=312&cisv=r20230418.11695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF29 41 KB
15 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:50:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7A04 1 KB
643 B 26ms
19ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 12:45:37 GMT
etag: 48472445140208031
expires: Sat, 22 Apr 2023 12:45:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF29 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7b69e86a437606fc41237e657c83c1b6837df42317b1d79efae4f33eb6c7172

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame A3D3 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=1891063212&pi=t.aa~a.1259045259~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1294&idt=1&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280%2C313x250&nras=6&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=r0mTJaNzdW&p=https%3A//www.firmasec.com&dtd=42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 7712 142 KB
22 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 141690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 07:30:13 GMT
expires: Fri, 19 Apr 2024 07:30:13 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF29 0
0 91ms
69ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_-h4OXG-mX1mD2iVy6UTC67xIZrBt4cnEYcMlsmK_5CM9MoR96Oevjl5cwKS_8iKIwG2VyywKYr3klks9Wew668I8xCdt6Jiu69XZ3Zh03YDgOQlzjhXanCL4nTUJ4StmfcmEIyHohHNZ1Zuc3LiZslMh95mZ6-WdXDRgQR5Pi07kpgnvtedCuZPbXadD7K9WtPYYP9fXCih0H5TF1qlkulhovYMv44fsUACWIYTkIov5j3nQNTUtHKU3TqxUQyoOpeM_PtQt8iU1T-5QUu3hrJVW2aDvqqvuHxZa9puD7Yn9DJ0HPE2YAskukNqhmB8xyjDUbqDxZ5GJTv4ICiX8QK5OU9dpOR95Wwn7nfIlEaMl1mOmc-Sk2h3XPOb8O-ybovrTtfxB_bK6s4TwDkG0YYsujEe5BTOU9aY0G4pY0V8zWiXxW_dDWpixL1RuIqP2ZvlbvFvZ4NfwKQUhtL4wsJAxCegnvoi9McYqk9iU44Z-8j2OJ4sJMR_ecqy9k83lsiKC4cAfUmu-d6Af7Zau0dIS16UYRcm5uuJpML1twlU3N98lJ1LS1-qAE1M9lncpqJDPMoVcj_jsKeTLv6ZjdZ7xeOP-Gfo1RtSNJqDRy7VD5s3CIEN4M3Sh6mVce2FGM93Qs60aVmj72dPPg5SRbxR2x8GPC_nqnHSmmmEuOI9xYVJgrWXqg9zhsuks2UxI-6n4eZVbraO0EaGEwAQXmoayvu-t882xpm5u69Zp2xdMQtEC_Or97bXrNcmBzYcOQ5yYjzYFM1e1b3DSJOV7CeJrkgA2TfpxdbybThSZRLZCyfhr4C2Y8Kxk5rCcaZj9J1HGEG6fyT9eAy4EzrT6e5CTJ-bbaR0ovje7CX-cxpOIQXLC1GO0H5HHlIw0hH8cbNSYPb43IuzUm-0VrrdgG9K51k2cM7cXkPX1Xc5skcxhEPqWN3Iwrd-Ny4gVwxL1r1t4cHsdLn7T1Na-cwL76vAKya-VQH6ljrMnFGlRLFOQjfn2q6dvE74g_IL1oG0qEUSnsKTBUm95fGlh2Vf63SlOUyB4IMwh-RnDldf7g5Nj_ibWCgF3VEDpwAF2psZf9SGTve0MiGIvLQY3MuNqJliT1ON8hylQFIleJnl9ulMozMd1PbFB9iyJkQDWZkm0TFDaBmN9kiXDOTH1quinSQq_PdVnh7jWLpTc6G-XBeQPbXsoFk0bd6G8NqT9gLgae_l53TuhyvKB_HjRBCDgZmWJUvelo0nXSNdLMMuZj4oiV62W4R8xNj-OeoWTpaKK&sai=AMfl-YRX_vYHCYboFhB2yOjaT0q1i1Ctys3jqYQj2-63d64TcS1KQZPBox_PljO7-KtF9hVwfz0bwmeGUfsav-NGjNtxbW8KoY81V2erx-hevM_9GbnO4HlZKraVCiYM8LgLY3w2yVR5W4fAJT7NJzH2GQEoIAFCE04EMcWz1cgKvKk6dXmX7n4QDAzkYPf5PHQzL4ir-OpCB9R6krru6uQkkBOyoatyoNn7IKq3vG-T42W0piqSw4n8mXJF1jN-I2m09bHrFsY&sig=Cg0ArKJSzKUjLyqJkDINEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&cbvp=1&cstd=213&cisv=r20230418.00979&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:43 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CBE5 22 KB
8 KB 28ms
27ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 161342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:02:41 GMT
expires: Fri, 19 Apr 2024 02:02:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3EC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIE2p40tqy8LomdP5iYDDjQ&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESEIE2p40tqy8LomdP5iYDDjQ&google_cver=1&google_push=Aer7DvLEzHSvdAc_9HGFg23BKhU3ssMdKOnbWJw4yM3mGOj...

170 B
188 B

41ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESEIE2p40tqy8LomdP5iYDDjQ&google_cver=1&google_push=Aer7DvLEzHSvdAc_9HGFg23BKhU3ssMdKOnbWJw4yM3mGOjC2k8RunTmgPsEY308J2vqvsznTecZKsqHD-XM_4PKHPqVg2KKLQirogI

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05bcdf9d4cddcb229@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESEIE2p40tqy8LomdP5iYDDjQ&google_cver=1&google_push=Aer7DvLEzHSvdAc_9HGFg23BKhU3ssMdKOnbWJw4yM3mGOjC2k8RunTmgPsEY308J2vqvsznTecZKsqHD-XM_4PKHPqVg2KKLQirogI
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E3EC 0
173 B 110ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBldgN9BLEZFSGcPWL0pNIQ&google_cver=1&google_push=Aer7DvKKnzFlncLsLKsBGXsA-Nx1Aik_FmxNqZYkgduv9I31yinvznI8QMfRYF2ISUgrAdm7QrD6iR4HVcLBe5mnrhJ94pV9t1Pwug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3EC
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEA8sRiKjFAvav5NfTbmHmxA&google_cver=1&google_push=Aer7DvLaxD1G9aQyGyo6m4HR-XC1S2BOx5Cusn8m2VBkdMPS9hgOfu1Ayh3Monz4AErH9jPsNFa-P52EgZ0QZYwEJGFup9A...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEA8sRiKjFAvav5NfTbmHmxA&google_cver=1&google_push=Aer7DvLaxD1G9aQyGyo6m4HR-XC1S2BOx5Cusn8m2VBkdMPS9hgOfu1Ayh3Monz4AErH9jPsNFa-P52EgZ0QZYwEJGFup...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLaxD1G9aQyGyo6m4HR-XC1S2BOx5Cusn8m2VBkdMPS9hgOfu1Ayh3Monz4AErH9jPsNFa-P52EgZ0QZYwEJGFup9AQE3SeCXw

170 B
188 B

40ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLaxD1G9aQyGyo6m4HR-XC1S2BOx5Cusn8m2VBkdMPS9hgOfu1Ayh3Monz4AErH9jPsNFa-P52EgZ0QZYwEJGFup9AQE3SeCXw

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLaxD1G9aQyGyo6m4HR-XC1S2BOx5Cusn8m2VBkdMPS9hgOfu1Ayh3Monz4AErH9jPsNFa-P52EgZ0QZYwEJGFup9AQE3SeCXw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame E3EC 43 B
136 B 29ms
28ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEENmysCFA9DGpYN1uiTbx0&google_cver=1&google_push=Aer7DvI5H-Xne8-R2oXl0vxIkwc5uDJUh5A22NV7ZIekULL-g5CY1VgvyRxZufMXnVBu3y1bEicaorVIAqRS3VfIp-Mjp_WzMKVLdgg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kjq9a9q2pf2hl3tjq7fgv4e8mbjuu7j9

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3EC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=viRYixRjQmyS1UGp9GJ2Rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=viRYixRjQmyS1UGp9GJ2Rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIh7scTBFSlTN8aicwjvDfNlOVJKq-VsLfcyTEvhErn1KPfH2vWlE40IH69euONI1byH7P-PHZ1CGw3k3x0tzP7T8IEcci0CA

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=viRYixRjQmyS1UGp9GJ2Rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIh7scTBFSlTN8aicwjvDfNlOVJKq-VsLfcyTEvhErn1KPfH2vWlE40IH69euONI1byH7P-PHZ1CGw3k3x0tzP7T8IEcci0CA
date: Fri, 21 Apr 2023 22:51:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame E3EC 43 B
297 B 270ms
37ms Image
image/gif 2a05:d01c:1d8:8102:3546:3733:b35c:dc5d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESECDHW5uv7X56JGkesZXEz3o&google_cver=1&google_push=Aer7DvLvEci4yeI3JlauFKCAqjT-_q691dnsUqXF3-5lPUImGecZAILlAY4ItZZqL_EVn_4Tm952Vvqn9dxD0SNPtVYtHfjlbYTsmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:3546:3733:b35c:dc5d London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame E3EC
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEyJVn-G8EDxz2NeLQBgIms&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvIObbtSCEvF92hK-zvPKQmqdHavf56Ny17AymftViBzsliUCqdpqNA9AVokogQBSSOo5BUHIdwqvWdYibLGO36wIE8NkYtMDmc4
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

53ms
53ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&daaos=1682092429633&w=373&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250&nras=4&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=P7Xu2iFiCY&p=https%3A//www.firmasec.com&dtd=33
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 21 Apr 2023 22:51:43 GMT
pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E3EC 0
12 B 31ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IanhPXfG0p5UD7akZoHioJGxrNJn7bhGrvzfId2PtWW02HUpjlT3Eqazc5v2vuRf8bE2gMZA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CF5E 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:50:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AC11 1 KB
643 B 32ms
23ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 12:45:37 GMT
etag: 48472445140208031
expires: Sat, 22 Apr 2023 12:45:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CF5E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bc6f6e27c70eb76d630dd1fccc510598ad7f9f112184f5394c81305315ad0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/11934569601524222564/css/ Frame 2B3A 5 KB
1 KB 27ms
27ms Stylesheet
text/css 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889f2bab730d916ae6b55451a2f2fcdb173b310e29306103ece5b4c545a38156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1412
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Apr 2024 02:01:23 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2B3A 118 KB
40 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 08:34:14 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame 2B3A 6 KB
3 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 07:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Apr 2024 07:43:16 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2B3A 60 KB
24 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 22:51:43 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 7712 29 KB
10 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 00:48:37 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DDBB 22 KB
8 KB 22ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 161342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:02:41 GMT
expires: Fri, 19 Apr 2024 02:02:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame CBD6 142 KB
22 KB 23ms
21ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 141690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 07:30:13 GMT
expires: Fri, 19 Apr 2024 07:30:13 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CF5E 0
0 71ms
70ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswLlJC9sOiw0bqrsgoDb0R3eDEIiJx-xybaA6jyexXHxyuOPue8KSRzSCZD148qhcrRaUBhrrBe5w_0mKt6a7UeIlhb8mtq8bK6TcMPQxcBRQ2khwd1rWtTgns7kMm_HEcEtGTykXQHZ6twp7bUtEQ6188ptoiZDqMBnuRkcwy8HHl0DmDjC0AZN6OkeDO5gmS1FvX_b3QYYYK0j9GtC0oQSlwIHsuMNRA06cAlPK5se_ov6qA2uW9tDmERuX1QvM63ncORCNXElCGK_tRcRbJOld_0v1Qr4GaLCsXwVCmJZsDVN-nD-sNtHnmuEvsDM6_EQGcdCpN7KSXyGy_k4T_jVJuKiQ5on1q5c8JH0pxBl7ikkjLKraztcaFdKsESrq4MXefU_xCpAfFXapQNnQGvQOhq3CDOdok3MBthjUlzjYeSeDWmh4ZxS4gNBMenWjQfi-6shZiSO76hjMS9i8mtsw2noPXyLYiVdrevZMU9CmjDwNH4tCJ7dteUCJ09OSe8QzY-7Pu5J_bCmVdBW3UcapBO1j9PUY2nbHsDin1XQfMscL4e3mNilVEXwVAtxwZ11jROW3xjlTfgOXtJ4Tss6okRrJPnBkZ-owX9MyDC0338MZw4-BzbvhhwUIwzadMAemjcPYf0eA0IejBx9eNWSQGDUBPxWTONLs66MNGtL76UBUfPSHB4gN0JjJ_Bo9SYXMKqu3xm2y169VNglg7dT6z181NKI5cYIbBveshsSfLuO7UyXkZnj1-t5xZJ0mylXsx74VS1AdH4C0dIFkveKZvS5QO55IfwTlDcHhQWkDaIptvpYCT4cQSJQgrOUhWfq9Ev89NNArToquRmMRSxBPwxfdTfDr05NGGpTN2Lol_sN1AN0vpPrGF3bqQgjfnlVbm0fMrTPIW-bftFPvxInUMwp9bEG5Hx0xYVLFIITR7VRpF7C4zBBkPC4f1p5vSDfdrFcNT_gQs6sbUNFJD199hhtK104Wc5H74nSdleUY-QWeYPgv9WMSCtTddFylVLpmc5QuQnVqd7sSqRpnHrkiNKhFE0pkl2Z4l14VOh_JZMN0yUn1uFO6UvegyB_JnQRbZvb_hQlGrm8UUu7b9h3QHFD4dr63FqU1rP1zJ5B6yIO7OmND9HuzaYpnO-MASegSVB2j4pR6QCuLSMLwLdf-BZXrL3Mo7odQj5F0l7AvVfSU3gpKXe65OpGdmgqaBi2ezE011WrOQiggCtK9jq0PKJxpHAnJ-e0AkzTKV0pjNVzvp8vHDyA&sai=AMfl-YRqQ9uDk27P_r5PI3nehqozzy9Jx79tWqpX-8lobQPWc16SRcbNUr_20EQcrcilILVF28KRxtPDLUAT95voCGPz9he9_CyNJGPLnT_y9sN6IVrnF-XV_BhIy_S8FDbnUi6SrPdT3XFhQu4GBkosnYzkSy-sAyIFWHPYUN5ZPdyNh9CpZwJlttFuoktU6LpWaRoJ3otO5MC8N2TlgxNEcaxv_Z0Cg6uWJRAqNd6vI3lvUVH866Gxa9Z9ZNkEWCJYUkPCVlk&sig=Cg0ArKJSzDS0ya8AKUJxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=277&cbvp=1&cstd=274&cisv=r20230418.74643&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:51:43 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7A04
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI7EWVo-AeiATmjDxeD31Yo&google_cver=1&google_push=Aer7DvJ0voVQurpahVu7swW_gI23L7X0QKxvrpCQswI_LP8BQYMa74qiKt_7ac4FPyTNhCEHjeo5TFkkD9R3u8tK_ViS1JL6jxzYNW4
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzODc0MjI0ODM0OTE5NDE5Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1

43 B
398 B

29ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A04
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGSvnQj04cPSZi1hL_wuYq4&google_cver=1&google_push=Aer7DvJDOhkprDMvVkP7BkG6XDfAeLSiCmugrp4evjSCGNf3DrvaLa2cqb3wEYiLgg5St4sf98Oc1y1_-GlFZAeD...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJDOhkprDMvVkP7BkG6XDfAeLSiCmugrp4evjSCGNf3DrvaLa2cqb3wEYiLgg5St4sf98Oc1y1_-GlFZAeD3VU7wO25ELYq-w

170 B
188 B

38ms
38ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJDOhkprDMvVkP7BkG6XDfAeLSiCmugrp4evjSCGNf3DrvaLa2cqb3wEYiLgg5St4sf98Oc1y1_-GlFZAeD3VU7wO25ELYq-w

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 22:51:43 GMT
Server: MT3 830 785530e master zrh-pixel-x7 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJDOhkprDMvVkP7BkG6XDfAeLSiCmugrp4evjSCGNf3DrvaLa2cqb3wEYiLgg5St4sf98Oc1y1_-GlFZAeD3VU7wO25ELYq-w
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 21 Apr 2023 22:51:42 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7A04
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBKFgtjWgNtL-COylOeB5LU&google_cver=1&google_push=Aer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xD...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBKFgtjWgNtL-COylOeB5LU&google_cver=1&google_push=Aer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5...

43 B
409 B

219ms
185ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBKFgtjWgNtL-COylOeB5LU&google_cver=1&google_push=Aer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xDvU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xDvU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7bb9317ccf57693f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 127
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBKFgtjWgNtL-COylOeB5LU&google_cver=1&google_push=Aer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xDvU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJ6z5FnXuDFgMRFlWQlCIK7cmWtEKBSA3jd7RFEl5nyCZrPo4ZPaazmd9qpTOu8usqLN19j7exUB1tM6RFkAe4T47G1Ek5xDvU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7bb9317b3e05693f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 7A04 0
98 B 99ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAer7DvL4o33Gp8815az7bmfAEvnKTHi0TpO2r0LWY58ntDvgABELdgKyWwj9lR_BQ2OfIZtYfNVZ_Z2vxcX1XlXwJBXWKjcRUyd2zw&google_gid=CAESEFRHfSKPb1YxHMCXWZCv98w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A04
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELrtJ8cyOk6TZ5hEJUn1SD0&google_cver=1&google_push=Aer7DvLB0zuy2uYpu10OmXNPW2nV79ii_WS2PgyoJXUr1dclVsB9eQcqvQ36DL2FbIy4MYCl6pKe1mGbA28bQG...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNDYzOTY2NzcxMzk5Njk1NQ%3D%3D&google_push=Aer7DvLB0zuy2uYpu10OmXNPW2nV79ii_WS2PgyoJXUr1dclVsB9eQcqvQ36DL2FbIy4MYCl6pKe1mGbA28bQGVYE_...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNDYzOTY2NzcxMzk5Njk1NQ%3D%3D&google_push=Aer7DvLB0zuy2uYpu10OmXNPW2nV79ii_WS2PgyoJXUr1dclVsB9eQcqvQ36DL2FbIy4MYCl6pKe1mGbA28bQGVYE_gQyVnLaX95

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNDYzOTY2NzcxMzk5Njk1NQ%3D%3D&google_push=Aer7DvLB0zuy2uYpu10OmXNPW2nV79ii_WS2PgyoJXUr1dclVsB9eQcqvQ36DL2FbIy4MYCl6pKe1mGbA28bQGVYE_gQyVnLaX95
Date: Fri, 21 Apr 2023 22:51:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A04
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGn5du5KRlF9jwuojlVf9Ts&google_cver=1&google_push=Aer7DvLss9m6vb05z9RIiOgrHQMlioHBWk42hHUXwP76_5upNxbphtBgEoPFDV1vJgXkLQTCTjudfbah0gx42qdF...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvLss9m6vb05z9RIiOgrHQMlioHBWk42hHUXwP76_5upNxbphtBgEoPFDV1vJgXkLQTCTjudfbah0gx42qdFaOuFTaBAaolCQ58

170 B
188 B

37ms
36ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvLss9m6vb05z9RIiOgrHQMlioHBWk42hHUXwP76_5upNxbphtBgEoPFDV1vJgXkLQTCTjudfbah0gx42qdFaOuFTaBAaolCQ58

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 22:51:43 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvLss9m6vb05z9RIiOgrHQMlioHBWk42hHUXwP76_5upNxbphtBgEoPFDV1vJgXkLQTCTjudfbah0gx42qdFaOuFTaBAaolCQ58
x-host: tde-deliveryengine-production-64c8469d98-gqz9m
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A04
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOxgkICXR_u_IcaOciRD1uQ&google_cver=1&google_push=Aer7DvJgwAjmUZ5Pt54hiI7t5Wqi2Y40fU_sRJuj8o3KnGpc6s8fOMXdsyo77X52uoP071p2c7r...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdSNUJXQU4tMy0xOTZV&google_push=Aer7DvJgwAjmUZ5Pt54hiI7t5Wqi2Y40fU_sRJuj8o3KnGpc6s8fOMXdsyo77X52uoP071p2c7ra-mw7O6_vaFW2bUpHiGW2JIrZfw

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdSNUJXQU4tMy0xOTZV&google_push=Aer7DvJgwAjmUZ5Pt54hiI7t5Wqi2Y40fU_sRJuj8o3KnGpc6s8fOMXdsyo77X52uoP071p2c7ra-mw7O6_vaFW2bUpHiGW2JIrZfw

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdSNUJXQU4tMy0xOTZV&google_push=Aer7DvJgwAjmUZ5Pt54hiI7t5Wqi2Y40fU_sRJuj8o3KnGpc6s8fOMXdsyo77X52uoP071p2c7ra-mw7O6_vaFW2bUpHiGW2JIrZfw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7A04 0
12 B 33ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lzk89mOlHbZR7N8Yfq31eZdYIyqdsVyAP5QnJnOfvfonASElhYC43BgJQbS7LL50KemgCu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame BF29
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-7403327254807716&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.firmasec.com/...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

20ms
20ms

Script
application/javascript

2600:9000:223f:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Server: 2600:9000:223f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ml8sLXd95uD59cm.BnrTx99uclgxfFZ2
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
date: Sun, 16 Apr 2023 07:46:37 GMT
x-amz-cf-pop: FRA56-P5
age: 486307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: kt3e8D2yni__9FjrRjpJSNnrCOkFAk11pBtaXWCGFUr-tCLLDqDaIw==

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8169 91 KB
23 KB 80ms
27ms Script
application/javascript 2600:9000:223f:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 18342927
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: TR_dk2OCJ31n22AcvexdipNVKob0L9dT7z7UGeKrIyclKiy27dlUNQ==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame CF5E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-7403327254807716&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.firmasec.com/...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

21ms
21ms

Script
application/javascript

2600:9000:223f:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Server: 2600:9000:223f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ml8sLXd95uD59cm.BnrTx99uclgxfFZ2
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
date: Sun, 16 Apr 2023 07:46:37 GMT
x-amz-cf-pop: FRA56-P5
age: 486307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: kVL_mCg4CcvOv7MKqyQjyRTDWJLKO80ND2pljEY_Kw_f_HC7XWpCKg==

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3A97 91 KB
23 KB 51ms
44ms Script
application/javascript 2600:9000:223f:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 18342927
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: LPiW2fu4FF2kTidfCrHzaAqxitKAgz6HcLE63kAb6l6ccdom8GkS9A==

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame CBD6 29 KB
10 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 00:48:37 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7F77 22 KB
8 KB 24ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 161342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:02:41 GMT
expires: Fri, 19 Apr 2024 02:02:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AC11
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDL0OsYtr29rKzGzyBvD7FY&google_cver=1&google_push=Aer7DvK-KAu8KJz_fu7KQMNwVCug13zN7oz36tC4GpS4IxM92B2OFE_-oTSWFUVKuxlKBCX_UFrc1WTH7FluNXDXxN1cc96XTcf7AWpv
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUzODc0MjI0ODM0OTE5NDE5Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1

43 B
398 B

29ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG3HOuneHPYnQWS0AldCoMA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame AC11 0
104 B 210ms
70ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFhnWmaSz30J_ckFfkrizMo&google_cver=1&google_push=Aer7DvKwPeeMc0o8iJcmw6aqcGNTKvAZldtmH0QSEBVm-WZim3sVK5HTE52_Rd-sguGb9IptiFOo4AWJonHQc8c6UJIlrPzUqF3c4gU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC11
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDqWG5VUE_gtjIzTqnaG0UM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESEDqWG5VUE_gtjIzTqnaG0UM&google_cver=1&google_push=Aer7DvLq6R4GU3ChSxLjdzWge5mxUB8InNDzeEFuSDqFvTl...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESEDqWG5VUE_gtjIzTqnaG0UM&google_cver=1&google_push=Aer7DvLq6R4GU3ChSxLjdzWge5mxUB8InNDzeEFuSDqFvTlfltQBEe9jjGWkjmxadnOaQKDukDt5mBOKNatbuA9RE17nQcauwx7cwX9m

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 22:51:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0bdcd692e53b93ca1@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bW9rNlgxZEkxUFBaQnM1&google_gid=CAESEDqWG5VUE_gtjIzTqnaG0UM&google_cver=1&google_push=Aer7DvLq6R4GU3ChSxLjdzWge5mxUB8InNDzeEFuSDqFvTlfltQBEe9jjGWkjmxadnOaQKDukDt5mBOKNatbuA9RE17nQcauwx7cwX9m
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC11
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAh_LYAMiqAWCGhZLOZo5R8&google_cver=1&google_push=Aer7DvJitjPxSnxyvzohvB7voWhpOnilZDaPTQdAJ9E8bVn5sXKhGax9Pe99GNzzi8wz4DIQczqykrQKpv2CdES2...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvJitjPxSnxyvzohvB7voWhpOnilZDaPTQdAJ9E8bVn5sXKhGax9Pe99GNzzi8wz4DIQczqykrQKpv2CdES2wBZQ2psEtvyVG2w

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvJitjPxSnxyvzohvB7voWhpOnilZDaPTQdAJ9E8bVn5sXKhGax9Pe99GNzzi8wz4DIQczqykrQKpv2CdES2wBZQ2psEtvyVG2w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 22:51:43 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Vr_pwSFMQhGDapXttcbdKw2&google_push=Aer7DvJitjPxSnxyvzohvB7voWhpOnilZDaPTQdAJ9E8bVn5sXKhGax9Pe99GNzzi8wz4DIQczqykrQKpv2CdES2wBZQ2psEtvyVG2w
x-host: tde-deliveryengine-production-64c8469d98-cqmnt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC11
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHigcrZcovXglhaABsx2D9Y&google_cver=1&google_push=Aer7DvLrqf-PDOq98p54Mg9g4mLfjTY-EED1VJaamoAAV57z1TlkSAKRNHAwCSmnRoxBnHYDhWR9kjEQ7GDUHYQ25Y-KxNs...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLrqf-PDOq98p54Mg9g4mLfjTY-EED1VJaamoAAV57z1TlkSAKRNHAwCSmnRoxBnHYDhWR9kjEQ7GDUHYQ25Y-KxNsG-9z59QYS&google_hm=eS0wYkVNcGdwRTJwR0...

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLrqf-PDOq98p54Mg9g4mLfjTY-EED1VJaamoAAV57z1TlkSAKRNHAwCSmnRoxBnHYDhWR9kjEQ7GDUHYQ25Y-KxNsG-9z59QYS&google_hm=eS0wYkVNcGdwRTJwR0JqSjBiR21LT2tMbEtkOFBRTjJsaX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 22:51:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLrqf-PDOq98p54Mg9g4mLfjTY-EED1VJaamoAAV57z1TlkSAKRNHAwCSmnRoxBnHYDhWR9kjEQ7GDUHYQ25Y-KxNsG-9z59QYS&google_hm=eS0wYkVNcGdwRTJwR0JqSjBiR21LT2tMbEtkOFBRTjJsaX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC11
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP3icq79RZfa_U2HcoKQVWs&google_cver=1&google_push=Aer7DvJi_j-vz1LnarTEmdOebQCXDUx0Cj6N7vPVdjI84Eevaeliw2bBCKBeCPl1wrU0arBgOjnYJ8vj...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP3icq79RZfa_U2HcoKQVWs&google_cver=1&google_push=Aer7DvJi_j-vz1LnarTEmdOebQCXDUx0Cj6N7vPVdjI84Eevaeliw2bBCKBeCPl1wrU0arBgOjn...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk2NTk5Njk1MDU2NTE0MzA0NA&google_push=Aer7DvJi_j-vz1LnarTEmdOebQCXDUx0Cj6N7vPVdjI84Eevaeliw2bBCKBeCPl1wrU0arBgOjnYJ8...

170 B
188 B

35ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk2NTk5Njk1MDU2NTE0MzA0NA&google_push=Aer7DvJi_j-vz1LnarTEmdOebQCXDUx0Cj6N7vPVdjI84Eevaeliw2bBCKBeCPl1wrU0arBgOjnYJ8vjM75ByKNc35acWMs5cr1y9OO6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk2NTk5Njk1MDU2NTE0MzA0NA&google_push=Aer7DvJi_j-vz1LnarTEmdOebQCXDUx0Cj6N7vPVdjI84Eevaeliw2bBCKBeCPl1wrU0arBgOjnYJ8vjM75ByKNc35acWMs5cr1y9OO6
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame AC11
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECh7kVMVfy893t1BNgTjlAI&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLKHcgneiDXsQLCD9zKeMzuwhu6Zsx7tH-GdVlL72Q1Ho-oe0WRfInLTsOiHD4Qre9uskhyhWip8KYXKzz3NrBG4LpPe82249GH
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

49ms
47ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 21 Apr 2023 22:51:43 GMT
pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AC11 0
12 B 35ms
31ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcG4og9NcPpsBeYbZotVeURCqLtl8iF7DTsaVlj9y7M3AU2LpS9U6_Hij5R12tD6bnqzxH6g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF29 43 B
215 B 361ms
114ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f2149fca-cd67-43b7-7aa1-39fccfced598&tv=%7Bc:asL9qw,pingTime:-3,time:147,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:147,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B139~0%5D,as:%5B139~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC6BCnz+11%7C12%7C131%7C141*.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:141*,rmeas:1,rend:0,renddet:na,siq:27%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF29 43 B
215 B 357ms
113ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f2149fca-cd67-43b7-7aa1-39fccfced598&tv=%7Bc:asL9qx,pingTime:-6,time:148,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:148,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B140~0%5D,as:%5B140~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC6BCnz+11%7C12%7C131%7C141*.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:141*,rmeas:1,rend:0,renddet:na,siq:27%7D&tpiLookup=ao:www.firmasec.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF5E 43 B
216 B 349ms
112ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=be223e73-b08f-f7d0-dd20-f7dee8b33fa4&tv=%7Bc:asL9qF,pingTime:-3,time:104,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B97~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC6BCnz+11%7C12%7C131%7C141.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1415%7C1511%7C1512%7C1513%7C1514%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:161*,rmeas:1,rend:0,renddet:DIV,siq:23%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF5E 43 B
222 B 349ms
114ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=be223e73-b08f-f7d0-dd20-f7dee8b33fa4&tv=%7Bc:asL9qG,pingTime:-6,time:105,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC6BCnz+11%7C12%7C131%7C141.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1415%7C1511%7C1512%7C1513%7C1514%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:161*,rmeas:1,rend:0,renddet:DIV,siq:23%7D&tpiLookup=ao:www.firmasec.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: ip-10-31-7-207.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame CBE5 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF29 43 B
215 B 312ms
113ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f2149fca-cd67-43b7-7aa1-39fccfced598&tv=%7Bc:asL9rj,pingTime:-2,time:196,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:978,beZ:979,mfA:982,cmA:984,inA:984,inZ:988,prA:989,prZ:999,si:1005,poA:1006,poZ:1030,cmZ:1030,mfZ:1030,loA:1126,loZ:1129,ltA:1173,ltZ:1174%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:196,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B188~0%5D,as:%5B188~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC6BCnz+11%7C12%7C131%7C141*.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C1513%7C1514%7C161.990511-61634100%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:141*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:27,sinceFw:167,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF5E 43 B
215 B 311ms
114ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=be223e73-b08f-f7d0-dd20-f7dee8b33fa4&tv=%7Bc:asL9rk,pingTime:-2,time:145,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:998,beZ:999,mfA:1001,cmA:1003,inA:1003,inZ:1007,prA:1007,prZ:1014,si:1020,poA:1021,poZ:1044,cmZ:1044,mfZ:1044,loA:1103,loZ:1105,ltA:1142,ltZ:1142%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:145,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC6BCnz+11%7C12%7C131%7C141.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1415%7C1511%7C1512%7C1513%7C1514%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:161*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:23,sinceFw:121,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame 2B3A 13 KB
13 KB 22ms
21ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 09:21:48 GMT
x-content-type-options: nosniff
age: 394195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Apr 2024 09:21:48 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame 2B3A 12 KB
12 KB 22ms
22ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:44:42 GMT
x-content-type-options: nosniff
age: 378421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Apr 2024 13:44:42 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame 2B3A 14 KB
14 KB 25ms
25ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:32:21 GMT
x-content-type-options: nosniff
age: 170362
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Apr 2024 23:32:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 703E 42 B
64 B 106ms
60ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubRmK3JQIQY7pjKzkZG-vHgnbR_Km4XkxQ9pAeWLDCHyQzBoYDS4hPgfi5QD2hgX4FPCSYRm-6rzzjJs1LXYdADlfcgstEVlY5DEdspgZAlwlVfVkM32LQWa3sChWq25IKU5BpFQ&sai=AMfl-YRX1yIdIu4IIbbjrNNfW67hzU6HNCnxOFMg_DzAU20EVLzHTov77EGnrHEvcXRZ9Ihm_p7cACQ0ePoe&sig=Cg0ArKJSzG9iPCtyw1HWEAE&cid=CAQSGwBygQiDARIv76-5CRwAWNl0D0zW7WvZKuCSJxgB&id=lidar2&mcvt=1084&p=0,0,124,1005&mtos=98,778,1084,1193,1193&tos=98,680,306,109,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682117501913&rpt=286&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF29 0
0 59ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_-h4OXG-mX1mD2iVy6UTC67xIZrBt4cnEYcMlsmK_5CM9MoR96Oevjl5cwKS_8iKIwG2VyywKYr3klks9Wew668I8xCdt6Jiu69XZ3Zh03YDgOQlzjhXanCL4nTUJ4StmfcmEIyHohHNZ1Zuc3LiZslMh95mZ6-WdXDRgQR5Pi07kpgnvtedCuZPbXadD7K9WtPYYP9fXCih0H5TF1qlkulhovYMv44fsUACWIYTkIov5j3nQNTUtHKU3TqxUQyoOpeM_PtQt8iU1T-5QUu3hrJVW2aDvqqvuHxZa9puD7Yn9DJ0HPE2YAskukNqhmB8xyjDUbqDxZ5GJTv4ICiX8QK5OU9dpOR95Wwn7nfIlEaMl1mOmc-Sk2h3XPOb8O-ybovrTtfxB_bK6s4TwDkG0YYsujEe5BTOU9aY0G4pY0V8zWiXxW_dDWpixL1RuIqP2ZvlbvFvZ4NfwKQUhtL4wsJAxCegnvoi9McYqk9iU44Z-8j2OJ4sJMR_ecqy9k83lsiKC4cAfUmu-d6Af7Zau0dIS16UYRcm5uuJpML1twlU3N98lJ1LS1-qAE1M9lncpqJDPMoVcj_jsKeTLv6ZjdZ7xeOP-Gfo1RtSNJqDRy7VD5s3CIEN4M3Sh6mVce2FGM93Qs60aVmj72dPPg5SRbxR2x8GPC_nqnHSmmmEuOI9xYVJgrWXqg9zhsuks2UxI-6n4eZVbraO0EaGEwAQXmoayvu-t882xpm5u69Zp2xdMQtEC_Or97bXrNcmBzYcOQ5yYjzYFM1e1b3DSJOV7CeJrkgA2TfpxdbybThSZRLZCyfhr4C2Y8Kxk5rCcaZj9J1HGEG6fyT9eAy4EzrT6e5CTJ-bbaR0ovje7CX-cxpOIQXLC1GO0H5HHlIw0hH8cbNSYPb43IuzUm-0VrrdgG9K51k2cM7cXkPX1Xc5skcxhEPqWN3Iwrd-Ny4gVwxL1r1t4cHsdLn7T1Na-cwL76vAKya-VQH6ljrMnFGlRLFOQjfn2q6dvE74g_IL1oG0qEUSnsKTBUm95fGlh2Vf63SlOUyB4IMwh-RnDldf7g5Nj_ibWCgF3VEDpwAF2psZf9SGTve0MiGIvLQY3MuNqJliT1ON8hylQFIleJnl9ulMozMd1PbFB9iyJkQDWZkm0TFDaBmN9kiXDOTH1quinSQq_PdVnh7jWLpTc6G-XBeQPbXsoFk0bd6G8NqT9gLgae_l53TuhyvKB_HjRBCDgZmWJUvelo0nXSNdLMMuZj4oiV62W4R8xNj-OeoWTpaKK&sai=AMfl-YRX_vYHCYboFhB2yOjaT0q1i1Ctys3jqYQj2-63d64TcS1KQZPBox_PljO7-KtF9hVwfz0bwmeGUfsav-NGjNtxbW8KoY81V2erx-hevM_9GbnO4HlZKraVCiYM8LgLY3w2yVR5W4fAJT7NJzH2GQEoIAFCE04EMcWz1cgKvKk6dXmX7n4QDAzkYPf5PHQzL4ir-OpCB9R6krru6uQkkBOyoatyoNn7IKq3vG-T42W0piqSw4n8mXJF1jN-I2m09bHrFsY&sig=Cg0ArKJSzKUjLyqJkDINEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=646&vt=11&dtpt=424&dett=3&cstd=213&cisv=r20230418.00979&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:51:43 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame DDBB 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5DB5 42 B
64 B 81ms
59ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSi6b3KKzE65ze_u6A4bapRoEx93YcFj4TVwPqWqE21cuuTBYDIDI_YyS_MQg_5u0RUWoZdD7y8CiKMEYJfLCSfWpCex5mkPxZrX3GiNEbP3Uz7vsh053pEodN8fDRwtq186RpXA&sai=AMfl-YRjhno-niuSQYE4jo_34pbr8b-xi_jVRaoVt7pLC_wO_HAcTDAq5sWVesTKvLXbwgYuwtKCHtYvYClk&sig=Cg0ArKJSzM_b69IAOMAZEAE&cid=CAQSGwBygQiDzv8EB2Qo9FMHt5gjCoPrz4dzF35NiBgB&id=lidar2&mcvt=1016&p=0,0,280,1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4144480424&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682117501102&rpt=1317&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 94C5 0
0 63ms
62ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuB9LfB_l_WXF5ZN31e27nCTfsqmMkd0C56JdRijEdusRVftCwNzi2mGupKTbCyXAAE9ACiCGqnoXdlEATYfwqgnrTJamrQ97nauPq7imG8yAuhkdqxhgbTq4_-cgbZfwzCYL_gEO1ZYt-EmOe-5vDW_566C5dj4H5EtHOtpsXq96N_lKfQHP6oOVHeE9hunacKLJqHVCvEVBrpaRqcLUTyzgKeVTrDxYZhA3Y15xowwYl4mQDhy-mbc_VLjGhg1LgmoWC7VYet7d4Xf29WskkohP4mVaFh_Svi4z03vHhms785N_yJiE0m3tJ5gGr5lYoqmDiZEo6ddGCBzOpprLAGfW2euoOaDXCCSBMNW2QGMVQVu9e8saxwvXl5q5h2MHlNKszBCQ0bTF7kTF9tf73YRA_B9nj6RIzJY4_scdQQelsYXuE6OcYQfPw23fzu1mQLx6aZ1O6K7UNqpTu9xv_HD7sdytgByK6IAGcn1j2FxqgwgLiPDWsiq4qUj-lsdXsMm22rzMirltjHY2k6wCtYpmrmLriWloGvUALIeqFBBruA9UzS--S9c2BkJ6yW4Sf-uOHcuXvS9gOsY9jWGnLrlGu9Q0R17jzy-jYLmgFouNXZgCTGLP0eSPv00RG3TPwBR-a6YNJMiwwbYoul0w1SbnNwhSVlppr_mrl-OHG1GaOOApkOw6a0RHbIPcVHE45iyltYGkmhGymubu2cdu3trq8SpQySrFHy1Uya1oe9OqEyTOGJmKg91ICTyfWDS57TBeatt9KRy27XblezwxbxWYEqPY6m73oI7zM0V2DZUaOVUjeRhXEDnAW3wx6e_OK1eKRCTHl8yyKbw-96P8Fd7WPOOL7f-l2gyYE3loHUq8oK34vscqrU6sWmaeNw5wg1ZRbKqK7e5_2rLoLaumCtLGSt_FXMQt8Yo-1tPUTNZjbDxqEfp3D-2mAwoJWFTLlcG0F7BTuQxNUvznJvDOW580cDDILPnqVhBQdfGAXel6f-hS0O89uKtvcsEjyYGdHSqOM0BfBvFSYTkE0kNbUIWwHD8fw0aPodAp3nzBjcze1HpTnZlP35HD9WeFLXV_zHJ5wix3Q9uiw3kZwhNOqmuD3Nks5NedOkB5e5I1gad43hOQuvLJd7yZlrLSMuMBx__C2aUDJdiCejDW37U8Dc1Zo9qkkHx41CSoQ3M_FJYYnuUnpoPMNyXVgSZFIxdYspb9jnxUdKX1O1sEXuD8Mr1YhUAuoeR_Y6gyXT8JLZUzWKe14d&sai=AMfl-YRozzyyxCJTP02U0QSReL5VX8zImQrYG7--X1Dhv-ICEl3Tt22QPMwzhOZVoIj4pc_AQqn3LtWOm38AdrOO7SpEvN0zfrXe1d4RJ0ijTGCLI2JwuvA3GoaNclUjleoRrLruRlqgAY8uKUxICPxxO-p5khSJc4cZ5_DS0EPsk2B61FlB67hxHN-m6zGJSoDAYxG_V8XDkjtbBdFoZPL-eo1RDYUkryW3QHCwJu6vATgqae8LBSOpPcJnnhgxDmaIUMdr2xbIralYYDgZ_UJbYaymXj8g0VLA&sig=Cg0ArKJSzD4EHKqTwa0dEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=833&vt=11&dtpt=515&dett=3&cstd=312&cisv=r20230418.11695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:51:43 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2B3A 7 KB
6 KB 76ms
68ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c550f49978b55c8820146a01d9782079e77aa181e51d446c8959610b64cbea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5664
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CF5E 0
0 60ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswLlJC9sOiw0bqrsgoDb0R3eDEIiJx-xybaA6jyexXHxyuOPue8KSRzSCZD148qhcrRaUBhrrBe5w_0mKt6a7UeIlhb8mtq8bK6TcMPQxcBRQ2khwd1rWtTgns7kMm_HEcEtGTykXQHZ6twp7bUtEQ6188ptoiZDqMBnuRkcwy8HHl0DmDjC0AZN6OkeDO5gmS1FvX_b3QYYYK0j9GtC0oQSlwIHsuMNRA06cAlPK5se_ov6qA2uW9tDmERuX1QvM63ncORCNXElCGK_tRcRbJOld_0v1Qr4GaLCsXwVCmJZsDVN-nD-sNtHnmuEvsDM6_EQGcdCpN7KSXyGy_k4T_jVJuKiQ5on1q5c8JH0pxBl7ikkjLKraztcaFdKsESrq4MXefU_xCpAfFXapQNnQGvQOhq3CDOdok3MBthjUlzjYeSeDWmh4ZxS4gNBMenWjQfi-6shZiSO76hjMS9i8mtsw2noPXyLYiVdrevZMU9CmjDwNH4tCJ7dteUCJ09OSe8QzY-7Pu5J_bCmVdBW3UcapBO1j9PUY2nbHsDin1XQfMscL4e3mNilVEXwVAtxwZ11jROW3xjlTfgOXtJ4Tss6okRrJPnBkZ-owX9MyDC0338MZw4-BzbvhhwUIwzadMAemjcPYf0eA0IejBx9eNWSQGDUBPxWTONLs66MNGtL76UBUfPSHB4gN0JjJ_Bo9SYXMKqu3xm2y169VNglg7dT6z181NKI5cYIbBveshsSfLuO7UyXkZnj1-t5xZJ0mylXsx74VS1AdH4C0dIFkveKZvS5QO55IfwTlDcHhQWkDaIptvpYCT4cQSJQgrOUhWfq9Ev89NNArToquRmMRSxBPwxfdTfDr05NGGpTN2Lol_sN1AN0vpPrGF3bqQgjfnlVbm0fMrTPIW-bftFPvxInUMwp9bEG5Hx0xYVLFIITR7VRpF7C4zBBkPC4f1p5vSDfdrFcNT_gQs6sbUNFJD199hhtK104Wc5H74nSdleUY-QWeYPgv9WMSCtTddFylVLpmc5QuQnVqd7sSqRpnHrkiNKhFE0pkl2Z4l14VOh_JZMN0yUn1uFO6UvegyB_JnQRbZvb_hQlGrm8UUu7b9h3QHFD4dr63FqU1rP1zJ5B6yIO7OmND9HuzaYpnO-MASegSVB2j4pR6QCuLSMLwLdf-BZXrL3Mo7odQj5F0l7AvVfSU3gpKXe65OpGdmgqaBi2ezE011WrOQiggCtK9jq0PKJxpHAnJ-e0AkzTKV0pjNVzvp8vHDyA&sai=AMfl-YRqQ9uDk27P_r5PI3nehqozzy9Jx79tWqpX-8lobQPWc16SRcbNUr_20EQcrcilILVF28KRxtPDLUAT95voCGPz9he9_CyNJGPLnT_y9sN6IVrnF-XV_BhIy_S8FDbnUi6SrPdT3XFhQu4GBkosnYzkSy-sAyIFWHPYUN5ZPdyNh9CpZwJlttFuoktU6LpWaRoJ3otO5MC8N2TlgxNEcaxv_Z0Cg6uWJRAqNd6vI3lvUVH866Gxa9Z9ZNkEWCJYUkPCVlk&sig=Cg0ArKJSzDS0ya8AKUJxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=628&vt=11&dtpt=351&dett=3&cstd=274&cisv=r20230418.74643&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 22:51:43 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F77 36 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame 2B3A 81 KB
81 KB 26ms
24ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/visual.jpg

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c07684aa8b5395431f3b243baad78a2ddac988833fed866fa18b7d9cb6e1fdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:22:18 GMT
x-content-type-options: nosniff
age: 124165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82828
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 12:22:18 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame 2B3A 95 B
124 B 31ms
29ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/overlay.png

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=BlRjIFcTsL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:23 GMT
x-content-type-options: nosniff
age: 247820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Apr 2024 02:01:23 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 7712 2 KB
1 KB 29ms
28ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 22:59:14 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 7712 4 KB
2 KB 51ms
49ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 23:06:43 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 7712 11 KB
3 KB 50ms
48ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 23:06:43 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 7712 4 KB
2 KB 30ms
28ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 23:00:56 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 7712 6 KB
2 KB 30ms
28ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 23:04:58 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 7712 38 KB
38 KB 31ms
28ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:43:51 GMT
x-content-type-options: nosniff
age: 472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 22:58:51 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame CBD6 2 KB
1 KB 23ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 22:59:14 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame CBD6 4 KB
2 KB 36ms
34ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 23:06:43 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame CBD6 11 KB
3 KB 34ms
32ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 23:06:43 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame CBD6 4 KB
2 KB 25ms
22ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 23:00:56 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame CBD6 6 KB
2 KB 25ms
23ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 23:04:58 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame CBD6 38 KB
38 KB 26ms
23ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:43:51 GMT
x-content-type-options: nosniff
age: 472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 22:58:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2B3A 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 22:51:43 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame A635 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF29 43 B
215 B 114ms
113ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f2149fca-cd67-43b7-7aa1-39fccfced598&tv=%7Bc:asL9vq,time:451,type:e,im:%7Bpci:%7Btdr:197%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:451,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B443~0%5D,as:%5B443~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tC6BCnz+11%7C12%7C131%7C141*.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1511%7C1512%7C1513%7C1514%7C161.990511-61634100%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27,sis:249%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
296 B 107ms
107ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.firmasec.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.firmasec.com
Date: Fri, 21 Apr 2023 22:51:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF5E 43 B
215 B 115ms
115ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=be223e73-b08f-f7d0-dd20-f7dee8b33fa4&tv=%7Bc:asL9xq,pingTime:-10,time:523,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682117503811%7C%7C7a0deae9283e347078f0790cbdf6fc43%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C5444ce936cdaee01f7c017217d24a748%7C%7C674c31d1a382e93aa3b7d5d50c425368%7C%7C964e88cba819733591c21df7c01c3a6b%7C%7C66d025d2288693c8f0eccd514da4d780%7C%7C1efb939fcadf92bbd23b2b1d104909ba%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF29 43 B
215 B 114ms
114ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=f2149fca-cd67-43b7-7aa1-39fccfced598&tv=%7Bc:asL9yh,pingTime:-10,time:628,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682117503865%7C%7C322e6c2dc1fc0c6c26b66d8858b74300%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C4a483426396f1d26a4c968fd29dedd84%7C%7Cdd6c6caaeb4d70ad88bbe0885afc0b2d%7C%7Ccc24dd530222cd78851292ff34b3816d%7C%7C6a7ac69fd673a8589c1b15fb8bd392d3%7C%7C26966b897ff1b8409e08472a6ebefee9%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=763060771&pi=t.aa~a.1258418826~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=2&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gP1lNsoTTR&p=https%3A//www.firmasec.com&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE5 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwLs5fhNDZLu4Gq6t9u8P5quyoA0AAAAAOAHgBAI&bg=!UlGlUQXNAAYfNdXmPzU7ADkAdvg8Wt_X7HRM1CLqDINzT8cGIHTKUy1Wx_S8WkYTPECk2x0wcSZ7RrvVYS62s40KGMcX4Ip7cvwCAAABElIAAAAEaAEHmQMk_qDn7rPrzT4cbu1AEXDYTkYGzWrLXoRRPXD43B2IvOrN126c7aJUzjVNv2gYTA2Vj2dlUGPZeJmQf0Zxjy4v1hO15-JD9i1lG4jHjVtA-ct-FDI1c2yKWPnTFkqCAzkCVr-NsUBt35gYqHIVjqBiQRoN9blpdPhWt-E-IACDvihwtTdx7U2VYheLrnUzgPO5ZsMetM-uG7oL8wQnr9ySasRq3fpSRvSzLXIqfs8ED4GSnqj2b1X4O_gj2-GW9VMz1qpgJz0o4GgfLp8Ur3XbI56xK9iJoED89TsrTwgzPPDhVv-lCzXK47Kzp_ooh-uzVzIOOzQ5xe-OJEi1weeEpWI_TSR2rNr9_vY9EVDI3KBDESS1AmJYe0xkkrN4sLcHx3TamS054JEIKEi3z8v73qasFoqJBz6tmGHyG8vcBkSwpuUtHsgxGUTzO8uIAp_HlRxFPDJ6u8pxipIdhEqnNC1qhYNVjM9HK_GTOQ5-kTVKYQXna8cA2XaiErUN0Ulqfk-_3_0T_fPdgnWiGQDG5LgadtXD40bNTzg4nuJwFe7N1SrBylAZJJ6LGwRhcVh-J5EsCB7Mk7wZU0uNtEqm0lU8C0IqQ2b1OWzQDTQ1UlrU9-1y09wAsHvHgnj48j25tWaB4JLLfjjT9aaLMWZ4OfUkg9P67z9zCca--ok8SYOL1NrJhgdQGlnJs51_Zxi9SKZnZ_Oc2m43M9dZTu--tNl90n-JoNokYQZ-Osbs7WL4E2ZZJB4TS0uRUs6ZrQID5jvzYXda3qj5-zWM_6GjyAsCeGg6z-Kf27THQLi-RkqP0z_O7yAK9tF3g2VoIdG729GSTJz-GnzNF7QSzuNrpyKu_Gr9GAbFPskZoNlnVQoTxJPg-Xkc5WWnOcMLp83w2pgutoXDlIaMCaJHDln7g-YU2uF2K_ESXVm6y2ZZzHpF1tRhRqpC0mg3WYhTY3CCiCFKM7x7DeuixtRVtifFGePwYk10VnZJ6hhZc70tb0FXUGa6okSw7UkFsHorBy2rRZ0qUy0n31HN2DbHmjo_qHkkYpp4qZ_3hPpoW2wsGu25xXYj

Requested by

Host: www.firmasec.com
URL: https://www.firmasec.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDBB 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbWqIfhNDZObBI86p7gP3iZzoDwAAAAA4AeAEAg&bg=!ICOlI3fNAAYfNdXmPzU7ADkAdvg8WgIqhc8exfSCdYHjGwgOUWcBzxoaohyIcW1lREk30bzV6yS4DGm5oTOKdvAshs5nT7G_8JQCAAABVVIAAAACaAEHmQMyCO4u26Kxo9Agm1CAsZI2p4r3flBfEv9HIwVqmck-4cKbiEf4k16aHF0nXeExGTHTw0klWAoOTVEGLTOqGGWNI5hAstzMjTvzUAXtbfwU_MIFMyjzzzkY9UZ7orpYzTayjv-FARGseWOIIo7hojNhsSzbWB80gZfM_cqNFyS_6f74l-GAtwz8-YvMojlpWqQvXfQ_Lz0hP28dfcUJKMS_GcIofR-3J3XwSjtS6AtTq3syA_XY5d9lxBG-dtsoi_q786YAiVMRSTj3s-4KFYyDDfqgA78DXy6mxE--4lAbt36Cmx__TD5aZcvNAcs_21htbh6hIsBojeWaPhxK0AhOTAqlGYdepwSYh4H2JN4DL9vHRXKFT3mctdCAxm2X82Itu_mMNPbyYIYNbsPb2Ac4BG3av9LeNA0hgNpaG5Y9XtIuO5w8d_7zerKjoCdx0b1K2hPK42-jOa_K0YVBzPGMbTyjqxRx2lK7Bso9y05fcGl_g-2izGvHjEkg1qEqyJVcAaqxdZ6fOmqsJPBQRB0xsmILfZqNqqCTxNGwp_qMOQz7FndlW9oAQURJ2lLa2M7m1RAvIz_-XxVn_SQnvRjdKHq3ZFr5OMCjIBijorx31J46cvbOed3paTJ75uuC71eV5ftlMlzLL14ydZteTANjtY_9kchsu6a0T3VM7XSxoPadWxHvaVpaYtUEzIDxMXhJbTm_GF6XU1gFj1LuP23YbTDy04UR6Dt0k1zVCLT-1SaLonCBOL0L0j0BtThBQrRtc7CsbErBJPbz79B_2pIf8Jh54Z92aqW5PMtGm9yLmU5W89NCIJun0hBKwvwoiuxfT48v5X5Wna25573AC6P9f-8d9f5qx5HTIP26KGIvqPA6jby2G1Ia36cIjbKaQADdeRKFlAGcVrAScqci3elxr2ORPy1KgaT2Misw6y1qmeZU7Or9z43FwWFcCV_lIcRrTpbmXTV-eAQDEG2CV2LIrLgp148yvsdBzSYSE7FvOOQKSJTZbWfj1THX7SucjDfbmJypCCc7XAWgjwOD9-X11IVuuPyLyTEggXi786A0nOMyH9fui6XBBKyNdjHt74P7J6o

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F77 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdtcyfhNDZNf4K6bA9u8PpZ2PkAYAAAAAOAHgBAI&bg=!5-Sl5LDNAAYfNdXmPzU7ADkAdvg8Wj0F_hJWt1YifxCAeb05C7LCXIGw7RMq6Qw5hHs--tsS03P3mHTgflVxSWR3dpsOToFT1VACAAABMVIAAAACaAEHmQMX-DBJYF6jFo9yQgWIP2LJ8NHXPhGidZUQiKMMyYjwqVRQJGwapgjgpAu7RSYrSMtd6o51RNHa6UMjXgHIPlp20HS0HfckozDGQZWEuS69qdb-YIrofT2dTLGyTl-Rth-GkUtvyINHAwTSPWxIumea7h4qyHQNLSWwzNafgM8G3p7J8tbMBNvaVHtyuQTWYL-Y1z9UCYCBcdJ0wMyle9J8G3mkHaIaIr3UV8AzwwHw7FT9BV79nOkN19pOZvLyNLSNq9QEHOKhbYvzPXygVSjFEhCV4nueFnROm_N4fACzttEsPm3hsT0FTN2Jpek7SlHoekpfc5a0AZBk0NNRIg6YBO-ASegqNx3x2vcYF4GSlGCzX6fhQ6VkIUVQ85i7fNXJwSz32X63yXRWYVBZ4oYTQvRCZ5Wgbq4s0ZaWJza4Qy2TK6c_Ui5gczBTOv_7w_VZdvYV1vtYEi2eg62SNveOrKpCCq9JQI364O7Dz3a0043NYPPkPoamlCjqkRxCZ0oREhvSCpPekDb7eVt_ZQ-fRjQ2-YkMmA818n4FMV2oGr6fS2y2mRurWfcdrNuFYg6iTz2JpJKCES99XvgzaCIo4NJuiK0OgHwd9_ms5Yc6s-GcMWav_Q-_styd4yHo2-ltYMx9v67M_ylifDK7ZuI_43tL3AVi-Vx_1YVJpuwCXX8mwxjVCbqhyoUGxsHYIpfkJwXGO_kL6vPvax-8QqSMOI1lSiA2LiCgFlDpc_0DXQuF5I6wEs8zBakRYE5TqlMmj3xJvI2PY4BJ9hc30IoJCrqO42O9YEl_6EG5-P_b8qYycX3lcCwPBtwCsQrHmRTHDZQ0f4opRMeuVBpZ3fLdmZ4WF10kwOjU4pvVaLA8usDrl1Mq-G5qJ50AJx9cejA-1_vYo9JxAZAifaOKvvHB0L6gBN-isKC8myi_K-iU79fxI1xGq7jaAjjArx7UgZmsiStw9sFmabYy26Hr8wFxGjdS7CXoWzeI3IhHm1jO5mSWeNL5VjWwBq365GUVwO7oI3WJ07tdEA_HwblkSycj-yMhKwYhraY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2366316601&pi=t.aa~a.1259055193~rp.4&daaos=1682092429633&w=313&fwrn=4&fwrnh=100&lmt=1682117501&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682117501828&bpp=1&bdt=1293&idt=-M&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce2af5b19d983254-22d81dd3a6dd00ed%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g&gpic=UID%3D00000bee15ab7c32%3AT%3D1682117501%3ART%3D1682117501%3AS%3DALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg&prev_fmts=0x0%2C1200x280%2C313x250%2C373x280&nras=5&correlator=6687256338316&frm=20&pv=1&ga_vid=1844569112.1682117501&ga_sid=1682117501&ga_hid=1768290670&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C44788217%2C31073967%2C31074025%2C21065725&oid=2&pvsid=2303875668733491&tmod=1424983322&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=5sexCINS7x&p=https%3A//www.firmasec.com&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2869AD5C51C7407CA9F3F7259918258A&RedC=c.clarity.ms&MXFR=3624E6DFCE6F654A3A2FF425CA6F6B0A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2869AD5C51C7407CA9F3F7259918258A&MUID=361B9E98A3B4617600338C62A2666085

42 B
442 B

43ms
43ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2869AD5C51C7407CA9F3F7259918258A&MUID=361B9E98A3B4617600338C62A2666085
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
last-modified: Wed, 19 Apr 2023 15:34:17 GMT
server: Microsoft-IIS/10.0
etag: "f5c05c67d472d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5396239CA114456A9105C004E481530B Ref B: FRAEDGE1214 Ref C: 2023-04-21T22:51:44Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2869AD5C51C7407CA9F3F7259918258A&MUID=361B9E98A3B4617600338C62A2666085
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 70ms
70ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3df62282c287786151797b9926d980b8dd677dcab9dd840f28a8466e43e38488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11116
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 22:51:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1045 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 21:24:43 GMT
expires: Sat, 20 Apr 2024 21:24:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D9D 783 B
534 B 32ms
31ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3aa15d2f27d3bb127c56488e97f01c8ef28f33840cb3f6aed08c81e072d24bf9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hHzOrM115MGHRu-aQarEkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firmasec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hHzOrM115MGHRu-aQarEkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 22:51:44 GMT
expires: Fri, 21 Apr 2023 22:51:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1045 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:28:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 16:28:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D9D 0
0 54ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=2303875668733491&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1045 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FE-nag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 22:51:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF5E 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=be223e73-b08f-f7d0-dd20-f7dee8b33fa4&tv=%7Bc:asL9G0,time:1055,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1055,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0%5D,as:%5B1048~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:124,fm:tC6BCnz+11%7C12%7C131%7C141.990511-61634100%7C1411%7C1412%7C1413%7C1414%7C1415%7C1511%7C1512%7C1513%7C1514%7C161*.990511-61634100%7C1611%7C1612%7C1613%7C171%7C172%7C1811%7C1812%7C191%7C192,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:23,sis:222%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:44 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 94C5 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8659636207119&version=m202301230201&ct=76&x=1&cor=10432375854675466000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=2303875668733491&bg=!yMuly5_NAAYfNdXmPzU7ADkAdvg8WnXzkEqdNvp7BciZA478z1boMX4J_bbuD1KXz7_c2v97C61bndsu1v01yKtg6vTfUZqbq1MCAAAAUFIAAAAFaAEHmQLfPXIsVUm_OTy3kmY4Ctt4B9vXMOgeT3KxENfKpxt10B-7jTlU4-_zixTbR6NM7_ybFPC-PnH8IqS7eXtWgCIBkm11wZ4ndEvG2D4kjP0F8dtsRCgwPveDb_Km7QpPuWeIP1oEfffXRBWEUwT-QNESGvVivHfIIKvsVwbPy8qud8R8DRxyd-_Mn_UColbhReYqQLmdlrBlCSPv8IhCMQieEqpvexJO5yiVFYxu1BGoULPtLfoGFaSL_XJPV5JCBKYQmLsoWO2QedElEO0R7KVpqXDJ63CUmfAKY6J5IBHBx3qVIS1lpv4bJVlMuiPRTUvFiPlwlH2V4N3ovgXSkZgz26QJdHfYhpddb3bY86YRychD3mWpPckC0goP24mIvgxkUInFFN9vqOOk9VyI5N8jlr2pJPW9vAKz6dlBbh6AipJRWJG1m7Uy3pTA1TFsV0EKlo0eJHwH4cyoi-ec5Kp5EMcMeWTdOkhzzsBJagMlKlCJLskQ8F82moUPP9PhcAXBO_WrVPTeBMUfKXBIED4rA5svUVrl3-zNHixNWA2VGsiKan1uQu-CmCvex0SLJVPgfi0ZwPNZTVZXsV30QlADmipJRKKleDr49U1sI6vdOLgPDFNa6fml9h19VtqA0lpqrPIsAIQZeSFDHerdyqoUDTSg42XaffBaLs1hIN7PhGZrYnBN9uhfXppeD-jduCSv8i3vhQ5Bb8vr39RoV4Up7GcsjUZkey3VCrxphY7YkClEQk0_cRtKAYpf3sKXujNvcIa4RufpjAs_Gbh2xCRrgZqYIaRnmQEhGI-3UtNaizneg4btIQjM6IjR6-sm17Z5AP74chu6hSbxiFkcmjJKd6C3Kt8R7Cl-yH4CP75yZKENpQi8dyWltgLj2_edF7ZC8hP3zlvygYfRZ07PRlD5_uBZQ7gz3ZRO75XXhgqQYCe1_kMbaViehfbwGEbMCYAvoFQ_706c-PwmuFPx3bAd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firmasec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF5E 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4549526156755&version=m202301230201&ct=76&x=1&cor=13115527702192360000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF29 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8291248623980&version=m202301230201&ct=76&x=1&cor=5842280230269590000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 22:51:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
296 B 107ms
106ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.firmasec.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.firmasec.com
Date: Fri, 21 Apr 2023 22:51:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.firmasec.com/	1970-01-20 11:15:24	Name: XSRF-TOKEN Value: eyJpdiI6InEyNkhsZ3l1MFFta3llYU1XSDNqWHc9PSIsInZhbHVlIjoieUQ5TldqVWVMOUgxb3EvNzJnOWV4SFpmaUdiRDAzTVRwcHdFQU9pRndUMmx5YWJOMmtPL2xIa2tnb3lOdC9WZ0g2Yi93RFM0SFJ2dTlZa2tsQXk2TEcrTStoeWJXNWI0SzVqWTlFTzYvUUt1QVBKRmdIaG1adFgxbk02MGRWSGIiLCJtYWMiOiJmOGU4NDdhOWRmNTZjNWQ2NWY2ZjVjYTBmMzYxM2VlYmU1ZmQ3OGMxNjViODM5ODJhNDk0OTllZDg2OTg5NTk2In0%3D
www.firmasec.com/	1970-01-20 11:15:24	Name: firmasec_session Value: eyJpdiI6InJRZjFIZjRrUmYvWXFXWkJTM1VlNXc9PSIsInZhbHVlIjoiaVgwTGpVcTVOUnZFUUZlK2ZsZ3d2Wk52TUxKSmRtRDVHWElOaldtU0Y1aDZEbmw2djB0cWJxRlZHRHQ0OTlLazVCcGdBWFVsVGxGbk1rbm1VZ1JsRTQrcTVEQlNkblloemJkVkk1QW40Q050b01NeThnYkJERmhLNmJYVmZvQ1ciLCJtYWMiOiJjMmQ0ZjQwZWU3YTUxYzdkM2M5NTQxZjVlODY2NGM5MTY1MWVhMjI1YWE1M2M2MmE3OWEwMzcwY2Q5ZGE2NjQ2In0%3D
www.clarity.ms/	1970-01-20 20:00:53	Name: CLID Value: 4196ea1368e34d4cb960217544f3b47b.20230421.20240420
.firmasec.com/	1970-01-20 20:51:17	Name: __utma Value: 13758880.1844569112.1682117501.1682117501.1682117501.1
.firmasec.com/	1969-12-31 23:59:59	Name: __utmc Value: 13758880
.firmasec.com/	1970-01-20 15:38:05	Name: __utmz Value: 13758880.1682117501.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.firmasec.com/	1970-01-20 11:15:18	Name: __utmt Value: 1
.firmasec.com/	1970-01-20 11:15:19	Name: __utmb Value: 13758880.1.10.1682117501
.firmasec.com/	1970-01-20 20:00:53	Name: _clck Value: 1covdpf\|1\|fay\|0
.firmasec.com/	1970-01-20 20:36:53	Name: __gads Value: ID=ce2af5b19d983254-22d81dd3a6dd00ed:T=1682117501:RT=1682117501:S=ALNI_MYFcKE9WLPLtTwYiisL_GGKcGaB3g
.firmasec.com/	1970-01-20 20:36:53	Name: __gpi Value: UID=00000bee15ab7c32:T=1682117501:RT=1682117501:S=ALNI_MbC4OUo6OYumyuB_kfU9PGfLHLJBg
.firmasec.com/	1970-01-20 11:16:43	Name: _clsk Value: pv7hg5\|1682117501512\|1\|1\|q.clarity.ms/collect
.doubleclick.net/	1970-01-20 20:36:53	Name: IDE Value: AHWqTUlmoyExe2l_jLr2Gt5JkYCk4o7uHlFZ_RhH64sQVpRlFV5F8vI9wcj_RP7_7p4
.doubleclick.net/	1970-01-20 11:15:21	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 20:00:53	Name: CMID Value: ZEMTfvgRyc4OB6sMNovXaQAA
.casalemedia.com/	1970-01-20 13:24:53	Name: CMPS Value: 2170
.casalemedia.com/	1970-01-20 13:24:53	Name: CMPRO Value: 2170
.adnxs.com/	1970-01-20 13:24:53	Name: uuid2 Value: 932864264936327920
.adnxs.com/	1970-01-20 13:24:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In8r$62S!]tbPl1M>e)ZlrFUfJ+tGXxo3D@T7Sc>EeDI.^viXUAcC^zA)$OyyL:7hDw@bpRzqF1`ba.RE'W/
.ctnsnet.com/	1970-01-20 20:00:53	Name: cid_e2c995d39f6248588f94cc0dfc2dfef4 Value: 1
.ctnsnet.com/	1970-01-20 20:00:53	Name: gid_CAESEJy_gGruDke2JGnO-pcypWc Value: 1
.travelaudience.com/	1970-01-20 20:45:31	Name: _tracker Value: %7B%22UUID%22%3A%2256BFE9C1-214C-4211-836A-95EDB5C6DD2B%22%7D
.w55c.net/	1970-01-20 20:45:31	Name: wfivefivec Value: mok6X1dI1PPZBs5
.pubmatic.com/	1970-01-20 11:16:43	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 11:58:29	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 15:34:29	Name: uid Value: 7538742248349194193
.everesttech.net/	1970-01-20 20:00:53	Name: everest_g_v2 Value: g_surferid~ZEMTfwAAAIYZuwAn
.pubmatic.com/	1970-01-20 20:00:53	Name: KADUSERCOOKIE Value: BE24588B-1463-426C-92D5-41A9F4627647
.blismedia.com/	1970-01-20 20:00:57	Name: b Value: 6443137F76A067EF8D6656E0BLIS
.de17a.com/	1970-01-20 19:53:41	Name: guid Value: 1.770315730428626342
ads.travelaudience.com/	1970-01-20 20:45:31	Name: _tracker Value: %7B%22UUID%22%3A%2256BFE9C1-214C-4211-836A-95EDB5C6DD2B%22%7D
.mathtag.com/	1970-01-20 20:41:12	Name: uuid Value: 09fa6443-137f-4800-9827-0019cc560bd4
.mathtag.com/	1970-01-20 11:58:29	Name: mt_mop Value: 4:1682117503
.innovid.com/	1970-01-20 13:24:53	Name: uuid Value: 7629b611-8762-46c7-a9f5-c1d64a634ede-20230421 18:51:43
.adform.net/	1970-01-20 11:58:29	Name: C Value: 1
.yahoo.com/	1970-01-20 20:01:15	Name: A3 Value: d=AQABBH8TQ2QCEGVEkaTOBjRIZJexgCplysEFEgEBAQFkRGRMZAAAAAAA_eMAAA&S=AQAAAgd3Ir21YQmJ2itJJ3nnY6Q
.adform.net/	1970-01-20 12:41:41	Name: uid Value: 4965996950565143044
.tribalfusion.com/	1970-01-20 13:24:53	Name: ANON_ID Value: a9nseFs2aF8pAJsbYL7DAt6tBjXWDO7PEIUHYCrdNiP0Ur4UaqZaq4srYDmLv3kkvR8Fj2cP0fp5eJt6wPXks
.adfarm1.adition.com/	1970-01-20 13:24:53	Name: UserID1 Value: 7224639667713996955
.bing.com/	1970-01-20 20:36:53	Name: MUID Value: 361B9E98A3B4617600338C62A2666085
.c.bing.com/	1970-01-20 11:25:22	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:36:53	Name: SRM_B Value: 361B9E98A3B4617600338C62A2666085
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:36:53	Name: MUID Value: 361B9E98A3B4617600338C62A2666085
.c.clarity.ms/	1970-01-20 11:25:22	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:15:18	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=sVevmIp4RIjqC83MEBAAc77acmCKlHxonm8z3cKyqFurwC1Ip4ghC7IHpqxetoTQXAREM3fC_DVDx0CPNpMiSw Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAer7DvL4o33Gp8815az7bmfAEvnKTHi0TpO2r0LWY58ntDvgABELdgKyWwj9lR_BQ2OfIZtYfNVZ_Z2vxcX1XlXwJBXWKjcRUyd2zw&google_gid=CAESEFRHfSKPb1YxHMCXWZCv98w&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.jsdelivr.net
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
firmasec.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
q.clarity.ms
r.turn.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
ssl.google-analytics.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
www.clarity.ms
www.firmasec.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
104.111.217.42
142.250.181.226
142.250.186.162
151.101.2.49
18.185.64.131
185.29.132.245
185.64.190.78
185.80.39.216
185.89.210.82
20.231.53.73
2001:678:cb4:bbbb::11
213.155.156.168
2600:1f18:1aca:4280:3ebb:ce06:82f8:7c2e
2600:9000:223f:4400:8:48e:53c0:93a1
2606:4700:3032::ac43:ab76
2606:4700::6810:5614
2606:4700::6812:19ad
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2006
2a00:1450:400c:c00::9b
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:972c:3399:2ba8:5a4e
2a05:d01c:1d8:8102:3546:3733:b35c:dc5d
34.254.57.28
34.96.105.8
35.186.193.173
35.190.0.66
35.227.252.103
35.244.174.68
37.157.3.20
68.219.88.97
69.173.144.139
85.114.159.118
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0680028ca61bf87f60fd193d0b0d1f6a86a72928bc2c7ed0dc227588d6142a8c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fdeb84a665652d068eead6224d1ab22d3faf0653688456e79b6059198c49f26
12477a515633c93d78d3c190f09981a0567eb49823593ce483cc0876f4c3d8e9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
166b155c699564be0bfe506e67867b42197c04ac2f0509a1e188ad5e7f10cefe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a868cad4a0420be9dc3c4736e51184ea77dc1bf49c00b48f8433c74aa06ce25
1a8ff22541abb659b5c965d334fdcbd92653979d3eec8bb581b104aa3812da9b
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
293c4dc30efea546e286c0185dce44c51099dd75f3486716f08547a8df84d6a7
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3050220f89c0af76302e29a8770bc745f1976ce361d436befd3cb9e5d1e4a913
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3842feb5a52b01665a847ace36ff915e32116d1ba92d7315ef1b74b85cb78445
39159b6c6baeb37d98d9e347e0abd8ce6c04d34b1ac588d1351e747d55a7e7f0
3aa15d2f27d3bb127c56488e97f01c8ef28f33840cb3f6aed08c81e072d24bf9
3de34d9b7e7ebbc4deb17d27e234b8efa3a5deb2c2d756ce50531b9bdd2577c1
3df62282c287786151797b9926d980b8dd677dcab9dd840f28a8466e43e38488
3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
44b8e6429dac5bcc2f8638abbe25cc7fde4e46452d301faf6b0303429c6edabd
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
486e659b4fe80b650d0efa7bafea6e9e1a5f5152f50f5867a7d0d601d57eaf1f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54824ac70cf394cef2a5edd87ac9e7b363038b5747579ea2f588b8d5150a9d05
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c06da7948a9d70de0ee295a888c212e4717ba8dc344ed28107d3875315e201
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
58be871df61f6c512464e15db0941e63b9491bf1396a2ae3bea6f39e0854cd1c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f077e893b9b57d8b1702c55f1c47ce616fa84a5c4e7f3298e69dae401089f8f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
777b7b28cc7faa46024ed30940f2438486bcfcb7b7f94b901adc3b5f949f9aef
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7b85a02b04b5b57387fca1e766d3478accf8b14142f11cd2665fdd80c890f773
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
8481ef93e49a2231b9f58f9c30edce8e4371e568b26c1f1c4948512bb8f6dc4c
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
889f2bab730d916ae6b55451a2f2fcdb173b310e29306103ece5b4c545a38156
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8bac6de3b8d70999df11321cd138bc20896a8480908d13acb85402d1103f694f
90e3f2457aad69aadfa67e68e8a5cf3408fe5b4be2acc212e0831847b963cdca
90f6219cda3c15b024187b902ea1ba6230c72438151c0a66af502e79a7d9c28c
9117c2fdee81987c8eada9706051b159165b4797032896a8e2e3192cdf6b347a
93df30b72a8d92b428059ceadc0e900bbc84cfbd003ab3d529f85591f0e02bd2
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1f0064fbfc6ae12830f80f5f0ad799b88bda2104f21c772ca46165612793483
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8997d43c32d67c4d9ff9747d82a7d6045c475bc10b13f6264f2f2b2b8ef517f
aa65baabe5bc998b48458005e539351eb065b8d69b4dbdb40903fc72338c4a12
ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf
aea37a3c0fc392d4f0f76a43d5d880c6844be27863d19278649194cdc059ba8c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38626cbab8ac7b39f4875f6d7756757561de32f388285411e1c14ecfe05e56d
b741437f08ff5a83072016e615fb8eb59bf5c2d03defb4027ec151de9d4ae0da
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf06d08a43ed14a2757366e266f4b639b712e0f6fe039e8eb0d31e777c0c196a
c07684aa8b5395431f3b243baad78a2ddac988833fed866fa18b7d9cb6e1fdce
c3aa67b3decc478877d0c95a55dd2a4520004d1c52a2cb3234257f939220eb8b
c40c27fc5759fbd9e3679e697c481ded760fd6299b7449ac8a41820ad7af5563
c550f49978b55c8820146a01d9782079e77aa181e51d446c8959610b64cbea3c
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d7bc6f6e27c70eb76d630dd1fccc510598ad7f9f112184f5394c81305315ad0c
d98f937dedfab470f51a525b97e86401245ca348915363252f86c81974302b85
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8c8f6c16d2cae4c13eb8907a4a7fb396ecd70104269deb719ca90b3c74126
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
ec44c3c2b9f7f029ad962bffd11f118609bcbc16e85240f8bce3e81738c6d09f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cec0fa7a7c336eaf509627a7a1401af6339be205824bf2276d29e870167acb
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f532ea31673ff8cc59da4c2fd78d34c3eded321e23acecce0f84dd90f3ef0d59
f5f357aa086fb2680b9a87e725d9ac476d9c52fd1cdc64819bb4c79ac32139c4
f7b69e86a437606fc41237e657c83c1b6837df42317b1d79efae4f33eb6c7172
f8f38c5e031df4153eb6caa7daf119a61df08184f621138ab1d9d88675ca01a6
fa10afda665b9623c6261763eca7e2de6b4e4c7998aad1f23864f4d0b1b3e55a
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
fcd3b9a35d67c210cc6561100512853efc40fc9096bd5d1af6d05aa1725b3e8a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.firmasec.com Open in urlscan Pro 2606:4700:3032::ac43:ab76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

268 Requests

86 %HTTPS

55 %IPv6

36 Domains

51 Subdomains

35 IPs

9 Countries

2916 kBTransfer

7723 kBSize

46 Cookies

3 Outgoing links

Page URL History

Redirected requests

268 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.firmasec.com Open in urlscan Pro
2606:4700:3032::ac43:ab76 Public Scan

Screenshot
Live screenshot

Full Image

268
Requests

86 %
HTTPS

55 %
IPv6

36
Domains

51
Subdomains

35
IPs

9
Countries

2916 kB
Transfer

7723 kB
Size

46
Cookies

268 HTTP transactions
15 data transactions