urlscan.io logo urlscan.io
SecurityTrails logo

best-intown.com Open in urlscan Pro
65.61.9.83  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hescool.com/
Effective URL: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Submission: On March 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 31 HTTP transactions. The main IP is 65.61.9.83, located in Mount Joy, United States and belongs to INFO-IQTINC, US. The main domain is best-intown.com.
This is the only time best-intown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    162.215.226.7 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-215-226-7.unifiedlayer.com
hescool.com
4    65.61.9.83 (Mount Joy, United States)

ASN11357 (INFO-IQTINC, US)
PTR: best-intown.com
best-intown.com
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
238 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
7 KB
4 best-intown.com
best-intown.com
68 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8947
696 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
607 B
1 hescool.com
hescool.com
267 B
31 7
Domain Requested by
10 pagead2.googlesyndication.com best-intown.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 best-intown.com best-intown.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 hescool.com 1 redirects
31 9

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Frame ID: 3D34AC1EAC2481F65D1E496281D72E9E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=2513617468&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021844&bpp=19&bdt=283&idt=299&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=1546304230931&frm=20&pv=2&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IrS390fiZu&p=http%3A//best-intown.com&dtd=320
Frame ID: 52D60EBDAFD0F6A706E9E87F235FF833
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=219915169&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021867&bpp=4&bdt=305&idt=304&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Fw7aB1BprE&p=http%3A//best-intown.com&dtd=306
Frame ID: 2495145034FA68A7331AB87472697DD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=2020524001&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021874&bpp=6&bdt=312&idt=302&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=86GzS5NMig&p=http%3A//best-intown.com&dtd=306
Frame ID: BBD3ECC8E39E8B849BC05EC9E053E76F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=280&slotname=2442669375&adk=2965312027&adf=1754089250&pi=t.ma~as.2442669375&w=336&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021881&bpp=3&bdt=319&idt=301&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996%2C8965434996&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=XHBPh7bUQ2&p=http%3A//best-intown.com&dtd=305
Frame ID: 58A1DAFD60F17955473146890B9D17FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=280&slotname=2442669375&adk=2965312027&adf=3881815554&pi=t.ma~as.2442669375&w=336&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021884&bpp=3&bdt=323&idt=304&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996%2C8965434996%2C2442669375&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1053&ady=319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=atXg2BeRrS&p=http%3A//best-intown.com&dtd=307
Frame ID: E24F42D8DE514B59DF33C183F04E58C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=90&slotname=9748641095&adk=1921350008&adf=2347949065&pi=t.ma~as.9748641095&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021888&bpp=6&bdt=326&idt=307&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996%2C8965434996%2C2442669375%2C2442669375&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=ofw742XK2C&p=http%3A//best-intown.com&dtd=311
Frame ID: A51AEC0CE31F54991CD240F3E1AFBA0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: 60266DC9B506F4F5699183998AD08C90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&adk=1812271804&adf=3025194257&lmt=1338780464&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&ea=0&pra=7&wgl=1&dt=1677932022739&bpp=3&bdt=1177&idt=3&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6f3cb22c0654f47-229ca8aa42dd006d%3AT%3D1677932022%3ART%3D1677932022%3AS%3DALNI_MYXdP1G8ubboNQsZqLA7U5uC4uzdw&gpic=UID%3D00000bbf08ef275f%3AT%3D1677932022%3ART%3D1677932022%3AS%3DALNI_MZ0O_O1mUi4CBxCSLk8KLdyHCIv9w&prev_slotnames=8965434996%2C8965434996%2C8965434996%2C2442669375%2C2442669375%2C9748641095&nras=1&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&tmod=922735427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=m202302270101&fu=32768&bc=23&ifi=7&uci=a!7&fsb=1&dtd=39
Frame ID: 50945AC1B097EAD66C8AE5117305BFC9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A3EDACA01BB8B5493B0AA517AC58684
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 384EE292CD4A5D890DE8F6EFDBF1BDE9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HE'S SO COOL -  HesCool.com

Page URL History Show full URLs

  1. http://hescool.com/ HTTP 301
    http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

31
Requests

84 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

315 kB
Transfer

756 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hescool.com/ HTTP 301
    http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request HESCOOL-GOOAD.htm
best-intown.com/GooAdsites/
Redirect Chain
  • http://hescool.com/
  • http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Protocol
HTTP/1.1
Server
65.61.9.83 Mount Joy, United States, ASN11357 (INFO-IQTINC, US),
Reverse DNS
best-intown.com
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
ee4d2f9a9374276ce8bb9c2856644d273da583f1df542ee6d837357164cb61bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
5787
Content-Type
text/html
Date
Sat, 04 Mar 2023 12:12:48 GMT
ETag
"6480ac1242cd1:2a571"
Last-Modified
Mon, 04 Jun 2012 03:27:44 GMT
MicrosoftOfficeWebServer
5.0_Pub
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Mar 2023 12:13:40 GMT
Location
http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
GOFORIT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: best-intown.com
URL: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c734d3b9e06cbfd87316e5c3df914314c082296d96e59d037e15cdf217ea278e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 12:13:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
4223074735657259045
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
34508
X-XSS-Protection
0
Expires
Sat, 04 Mar 2023 12:13:41 GMT
HEsCOOL-F.gif
best-intown.com/GooAdsites/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://best-intown.com/GooAdsites/images/HEsCOOL-F.gif
Requested by
Host: best-intown.com
URL: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Protocol
HTTP/1.1
Server
65.61.9.83 Mount Joy, United States, ASN11357 (INFO-IQTINC, US),
Reverse DNS
best-intown.com
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
bcd77e0980b911a16af45a1abe9d5faa8589c069861419bbf8c9a2a7715300d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 12:12:49 GMT
Last-Modified
Sat, 06 Oct 2007 05:29:52 GMT
Server
Microsoft-IIS/6.0
ETag
"087aebd97c81:2a571"
X-Powered-By
ASP.NET
MicrosoftOfficeWebServer
5.0_Pub
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
12798
geo4.gif
best-intown.com/GooAdsites/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://best-intown.com/GooAdsites/images/geo4.gif
Requested by
Host: best-intown.com
URL: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Protocol
HTTP/1.1
Server
65.61.9.83 Mount Joy, United States, ASN11357 (INFO-IQTINC, US),
Reverse DNS
best-intown.com
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
1512a61fb76cf0cef60bd2509a8bcd8b0e66b40e7c51c7730d815ef2da780996

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 12:12:49 GMT
Last-Modified
Tue, 15 Jul 2008 11:55:07 GMT
Server
Microsoft-IIS/6.0
ETag
"805ffe9f71e6c81:2a571"
X-Powered-By
ASP.NET
MicrosoftOfficeWebServer
5.0_Pub
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
47195
go_back.gif
best-intown.com/GooAdsites/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://best-intown.com/GooAdsites/images/go_back.gif
Requested by
Host: best-intown.com
URL: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Protocol
HTTP/1.1
Server
65.61.9.83 Mount Joy, United States, ASN11357 (INFO-IQTINC, US),
Reverse DNS
best-intown.com
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
0c1d8276c5c43119ba3107c8d9873d4554d07377acc76982c7651e4436080780

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 12:12:49 GMT
Last-Modified
Fri, 24 Jun 2011 18:31:18 GMT
Server
Microsoft-IIS/6.0
ETag
"e81984e89c32cc1:2a571"
X-Powered-By
ASP.NET
MicrosoftOfficeWebServer
5.0_Pub
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2221
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 		360 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ea9cb3175224027485928a8272a3d23306e2d18512bbf88748a2492d4cffa38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121462
x-xss-protection
0
server
cafe
etag
5718762958991296235
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 04 Mar 2023 12:13:41 GMT
cookie.js
partner.googleadservices.com/gampad/ 		397 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=best-intown.com&callback=_gfp_s_&client=ca-pub-5946131964019825
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db49f9aa0cfee01d9c168369ccd8bf6d81a1b5def3276ed1a7504d92f8b76721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=best-intown.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=best-intown.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 52D6 		603 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=2513617468&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021844&bpp=19&bdt=283&idt=299&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=1546304230931&frm=20&pv=2&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IrS390fiZu&p=http%3A//best-intown.com&dtd=320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2495 		603 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=219915169&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021867&bpp=4&bdt=305&idt=304&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Fw7aB1BprE&p=http%3A//best-intown.com&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BBD3 		603 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=2020524001&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021874&bpp=6&bdt=312&idt=302&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=86GzS5NMig&p=http%3A//best-intown.com&dtd=306
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 58A1 		436 B
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=280&slotname=2442669375&adk=2965312027&adf=1754089250&pi=t.ma~as.2442669375&w=336&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021881&bpp=3&bdt=319&idt=301&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996%2C8965434996&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=XHBPh7bUQ2&p=http%3A//best-intown.com&dtd=305
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02e31301fd382bf67feac03a0294761974a12f2b4bb895f030c8ceb0b9409fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
208
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:13:42 GMT
expires
Sat, 04 Mar 2023 12:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E24F 		436 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=280&slotname=2442669375&adk=2965312027&adf=3881815554&pi=t.ma~as.2442669375&w=336&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021884&bpp=3&bdt=323&idt=304&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996%2C8965434996%2C2442669375&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1053&ady=319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=atXg2BeRrS&p=http%3A//best-intown.com&dtd=307
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8177d469c79ecb0e05d695a273941544d9b24eaf45c507889039e22f96d6973a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:13:42 GMT
expires
Sat, 04 Mar 2023 12:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A51A 		436 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=90&slotname=9748641095&adk=1921350008&adf=2347949065&pi=t.ma~as.9748641095&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021888&bpp=6&bdt=326&idt=307&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996%2C8965434996%2C2442669375%2C2442669375&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=ofw742XK2C&p=http%3A//best-intown.com&dtd=311
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62fbd81c43a4187ee002fc21d537687a707f3f7d0476e8d892fccaaf0489297b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
210
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:13:42 GMT
expires
Sat, 04 Mar 2023 12:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=2965312027&adf=1754089250&str=false&ad_y=318.5&vph=1200&r_nh=0&r_ifr=true&qid=CPb0l_Gfwv0CFQ-nsgodOPkJ5g&w=336&h=280&err=1&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663
Requested by
Host: best-intown.com
URL: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Mar 2023 12:13:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=2965312027&adf=3881815554&str=false&ad_y=318.5&vph=1200&r_nh=0&r_ifr=true&qid=CIX4l_Gfwv0CFZaEsgodcWcJ0g&w=336&h=280&err=1&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663
Requested by
Host: best-intown.com
URL: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Mar 2023 12:13:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=1921350008&adf=2347949065&str=false&ad_y=602&vph=1200&r_nh=0&r_ifr=true&qid=CPK5mfGfwv0CFY3ZsgodzNkKqg&w=728&h=90&err=1&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663
Requested by
Host: best-intown.com
URL: http://best-intown.com/GooAdsites/HESCOOL-GOOAD.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Mar 2023 12:13:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		141 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f598596dccb36c5fa0d23bcbb131559a8c98a82cc451bdb1c72041665cc5f34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48331
x-xss-protection
0
server
cafe
etag
12654911401122552993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Mar 2023 12:13:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85db7f78d1e1991337113cb8adc1d61765e923257dcc1ca38e516f6f3e92ac8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11175
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame 6026 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 20:29:49 GMT
etag
2378337311435320485
expires
Fri, 17 Mar 2023 20:29:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=best-intown.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=best-intown.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5094 		0
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&adk=1812271804&adf=3025194257&lmt=1338780464&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&ea=0&pra=7&wgl=1&dt=1677932022739&bpp=3&bdt=1177&idt=3&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6f3cb22c0654f47-229ca8aa42dd006d%3AT%3D1677932022%3ART%3D1677932022%3AS%3DALNI_MYXdP1G8ubboNQsZqLA7U5uC4uzdw&gpic=UID%3D00000bbf08ef275f%3AT%3D1677932022%3ART%3D1677932022%3AS%3DALNI_MZ0O_O1mUi4CBxCSLk8KLdyHCIv9w&prev_slotnames=8965434996%2C8965434996%2C8965434996%2C2442669375%2C2442669375%2C9748641095&nras=1&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&tmod=922735427&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=m202302270101&fu=32768&bc=23&ifi=7&uci=a!7&fsb=1&dtd=39
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:13:42 GMT
expires
Sat, 04 Mar 2023 12:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=pub-5946131964019825&plah=best-intown.com&bust=31072648
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Mar 2023 12:13:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A3E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:08:27 GMT
expires
Sun, 03 Mar 2024 12:08:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 384E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f086ad3133e2b939e57aab44d480b6d42b6a84c78591912fc088c52a205190ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e3CU5V1n-sVBpqdJWTVEKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://best-intown.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-e3CU5V1n-sVBpqdJWTVEKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 12:13:43 GMT
expires
Sat, 04 Mar 2023 12:13:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 4A3E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 07:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
105036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 07:03:07 GMT
generate_204
tpc.googlesyndication.com/ Frame 4A3E 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ih0XIg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 12:13:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 384E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=4409742204715908&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=4409742204715908&bg=!ra6lrvrNAAbv3-2Ez987ADkAdvg8Wkwfzz3Rtlglg87GNCU1DVbNQ4hc31xeee4-YH3iY-Gcrt4yuplTJuWBCG2Cil9uOsMK3XwCAAAAclIAAAADaAEHCgC4W3EZnymurroz2uk9MlA7eXpIT2iLch0UfkKLS58zLf3S3ZIUjAMAYEAKBbU2rUhDtWs21_ixxBbfHq1YEg3tM0CpU-QmVNboxq5FnYnOhm07r_sAzmHYtlgnHO8OYn0lNvg9aXLmNgBjxibGf860dF3SpJCQ-9qejD3AcOHmLq2rCTri47C-oF5lONy5L5Uu_dmm5U-oNzrH2uT0F_bhy8ED_uoBVToR-u9Va75_-xKYN2ZEyGbwFJkCnpW2eBFHQowypQAQ4iWP0KBKkwE6tIlcioLxFqgzxsPVc_H5fpUvuABP2hGKQqpdPHsMIf-Z89L69XwON3N3IwKDpSTpFv9IV4zAhrUk4K36ZSRv7zXLoeWCrFsYWedNsXEnNV8Ug-UjdCaJ7EfhC_LsD_kXGVfBI1gHh9ye63FM7MLeps2zCpV8-jVMSeG5EWSegFUJhWNg3cL7Ii2mt8A6-PlTV56bew8WBPiOeJf-sorPKML_dH4MxO4J9ujVCVsKAbnIwN_uZUxLaE87sCeLLv5Tc0vJ421fFZ-ooNUFeKNVd3XZyHxEq71P7jv1bw7pYN7tGhn6BmBGoH4GnUyM8irvSADi2KRuoS29B66g26SLzlOHUF0Db5fbym6Pfg_DEXmlfwyEL-21J3fn75WyQl6P-6bSxyK9hyvZBllcY-ntzSonJRPRCWkGnem3zFV6b0ydlgQk3xbahXAfYkOdrzk9nJO4z4SaMBqK_yqvdjXGuQpFOo6QXiPHvd1uDr08__m2gpCQNM0cVq9drE91tg5AT7oGJPAimCnGqV7dsKbREHc5sigJZbd3DdGDqnG9KoEjqT2xJRHIudAeofcUDbTDGBDPLmlTvaoYKR-wt0lpTrRl74wyjfHn9NG3KtAfVAnr7n1b9dP7C74hve9YhZVOqhpApkSvOjULC3SAP3m2YyukXj7OXjDMBalbQ4dZ_xbJIZy-yDbykAqMp-o9tWdqXeMjtbQVD7_H0_lXWKC9Xe0SDXP1iHLTAPDLgKf3pdE5F2py8GtAkGmSfGSStEqwSpLP35HmtIBNOHGcDeXu8oOGFKzb5QPhhQonX6zRXui1hJ4E_f86nv4iq0s6G697dRE5qMLIyehqmro-4OGZgknsBNAyc1Z50ec
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://best-intown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| easpa object| asgr object| asmrc object| asntp object| asntpv object| asntpl object| asntpm object| asntpc object| asna object| asnd object| asnp object| asns object| asmat object| asptt object| asro object| ascet object| asrc object| asbu object| aseb object| asla object| asaa object| asupm object| google_shadow_mode boolean| google_apltlad object| google_sv_map function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| adsbygoogle number| tmod function| google_spfd number| google_rum_task_id_counter object| GoogleGcLKhOms

3 Cookies

Domain/Path Name / Value
.best-intown.com/ Name: __gads
Value: ID=c6f3cb22c0654f47-229ca8aa42dd006d:T=1677932022:RT=1677932022:S=ALNI_MYXdP1G8ubboNQsZqLA7U5uC4uzdw
.best-intown.com/ Name: __gpi
Value: UID=00000bbf08ef275f:T=1677932022:RT=1677932022:S=ALNI_MZ0O_O1mUi4CBxCSLk8KLdyHCIv9w
.doubleclick.net/ Name: IDE
Value: AHWqTUk-xHg56I92O_DyhSCqUXGmxA8UlItqYUnyCxZD_sscvec1GO7oxC2wqy9Q

3 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=2020524001&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021874&bpp=6&bdt=312&idt=302&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996%2C8965434996&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=86GzS5NMig&p=http%3A//best-intown.com&dtd=306
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=219915169&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021867&bpp=4&bdt=305&idt=304&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=8965434996&correlator=1546304230931&frm=20&pv=1&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Fw7aB1BprE&p=http%3A//best-intown.com&dtd=306
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5946131964019825&output=html&h=15&slotname=8965434996&adk=3735580988&adf=2513617468&pi=t.ma~as.8965434996&w=728&lmt=1338780464&url=http%3A%2F%2Fbest-intown.com%2FGooAdsites%2FHESCOOL-GOOAD.htm&wgl=1&dt=1677932021844&bpp=19&bdt=283&idt=299&shv=r20230301&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=1546304230931&frm=20&pv=2&ga_vid=1016506007.1677932022&ga_sid=1677932022&ga_hid=844278587&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C31072648%2C31071663&oid=2&pvsid=4409742204715908&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IrS390fiZu&p=http%3A//best-intown.com&dtd=320
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
best-intown.com
googleads.g.doubleclick.net
hescool.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
162.215.226.7
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:400d:807::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80c::2002
65.61.9.83
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02e31301fd382bf67feac03a0294761974a12f2b4bb895f030c8ceb0b9409fce
0c1d8276c5c43119ba3107c8d9873d4554d07377acc76982c7651e4436080780
1512a61fb76cf0cef60bd2509a8bcd8b0e66b40e7c51c7730d815ef2da780996
1ea9cb3175224027485928a8272a3d23306e2d18512bbf88748a2492d4cffa38
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fbd81c43a4187ee002fc21d537687a707f3f7d0476e8d892fccaaf0489297b
8177d469c79ecb0e05d695a273941544d9b24eaf45c507889039e22f96d6973a
85db7f78d1e1991337113cb8adc1d61765e923257dcc1ca38e516f6f3e92ac8a
8f598596dccb36c5fa0d23bcbb131559a8c98a82cc451bdb1c72041665cc5f34
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
bcd77e0980b911a16af45a1abe9d5faa8589c069861419bbf8c9a2a7715300d3
c734d3b9e06cbfd87316e5c3df914314c082296d96e59d037e15cdf217ea278e
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
db49f9aa0cfee01d9c168369ccd8bf6d81a1b5def3276ed1a7504d92f8b76721
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee4d2f9a9374276ce8bb9c2856644d273da583f1df542ee6d837357164cb61bf
f086ad3133e2b939e57aab44d480b6d42b6a84c78591912fc088c52a205190ff