urlscan.io logo urlscan.io
SecurityTrails logo

www.stop419scams.com Open in urlscan Pro
2607:f1c0:100f:f000::28e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.stop419scams.com/
Effective URL: https://www.stop419scams.com/
Submission: On November 11 via manual from BB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 16 domains to perform 130 HTTP transactions. The main IP is 2607:f1c0:100f:f000::28e, located in United States and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is www.stop419scams.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on October 19th 2023. Valid for: a year.
This is the only time www.stop419scams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

36    2607:f1c0:100f:f000::28e (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
www.stop419scams.com
8    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
11    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
13    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
21    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
36 stop419scams.com
www.stop419scams.com
491 KB
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
507 KB
16 gstatic.com
www.gstatic.com
fonts.gstatic.com
173 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net Failed
179 KB
8 google.com
translate.google.com — Cisco Umbrella Rank: 1323
cse.google.com — Cisco Umbrella Rank: 3113
www.google.com — Cisco Umbrella Rank: 2
150 KB
6 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 960
fonts.googleapis.com — Cisco Umbrella Rank: 31
86 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
252 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
81 KB
0 teads.tv Failed
sync.teads.tv Failed
0 onetag-sys.com Failed
onetag-sys.com Failed
0 innovid.com Failed
ag.innovid.com Failed
0 adform.net Failed
c1.adform.net Failed
0 criteo.com Failed
dis.criteo.com Failed
0 yahoo.com Failed
pr-bh.ybp.yahoo.com Failed
130 16
Domain Requested by
36 www.stop419scams.com 1 redirects www.stop419scams.com
21 tpc.googlesyndication.com googleads.g.doubleclick.net
13 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 www.gstatic.com www.gstatic.com
translate.googleapis.com
googleads.g.doubleclick.net
8 pagead2.googlesyndication.com www.stop419scams.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
6 www.google.com 1 redirects cse.google.com
www.stop419scams.com
googleads.g.doubleclick.net
5 fonts.googleapis.com googleads.g.doubleclick.net
5 fonts.gstatic.com www.stop419scams.com
fonts.googleapis.com
4 www.googleadservices.com www.stop419scams.com
4 www.googletagservices.com googleads.g.doubleclick.net
2 www.google-analytics.com www.stop419scams.com
www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 translate.googleapis.com
1 cse.google.com www.stop419scams.com
1 translate.google.com www.stop419scams.com
0 sync.teads.tv Failed googleads.g.doubleclick.net
0 onetag-sys.com Failed googleads.g.doubleclick.net
0 ag.innovid.com Failed googleads.g.doubleclick.net
0 c1.adform.net Failed googleads.g.doubleclick.net
0 dis.criteo.com Failed googleads.g.doubleclick.net
0 pr-bh.ybp.yahoo.com Failed googleads.g.doubleclick.net
0 cm.g.doubleclick.net Failed googleads.g.doubleclick.net
130 23

This site contains links to these domains. Also see Links.

Domain
stop419scams.com
www.mcall.com
scamhunter.org
antifraudintl.org
www.phpbb.com
Subject Issuer Validity Valid
*.stop419scams.com
Encryption Everywhere DV TLS CA - G2		 2023-10-19 -
2024-11-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 19 frames:

Primary Page: https://www.stop419scams.com/
Frame ID: 5C2D4E990CF78229AF609A8B03158257
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: DEABECCEB0426FCDF98D0EA5B3D4B3F5
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5561B84B60ED3148D649F22565FED48E
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
Frame ID: 62BA78A647B87FF8B8AF91CC6DD0036F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Frame ID: 943452129088D56DCB921D627C2FFD2C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=6663232697&adk=2349394808&adf=3807848571&pi=t.ma~as.6663232697&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217489&bpp=1&bdt=1132&idt=285&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1152x280&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=288
Frame ID: DA692FF04C5B079D3B83966827949716
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&adk=1511961599&adf=2261577023&lmt=1699729217&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217506&bpp=4&bdt=1149&idt=275&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1152x280%2C1152x280&nras=1&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=292
Frame ID: 260D381B576D8D1297ABBAF281FD05D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Frame ID: B0C60A01D0492FE3BBA1DFC915A290EC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=90&adk=346965371&adf=44848809&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1200x90&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2342&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0%2C1142x280&nras=3&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14
Frame ID: F112009BAC07EFA075B026278C548516
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=90&adk=1418752978&adf=653552374&pi=t.aa~a.1627829877~rp.1&w=1152&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1152x90&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=1&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0%2C1142x280%2C1200x90&nras=4&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Frame ID: 2024B7225A265B7747BC53DC1B76A1F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AD6D604AC0E1A02E434BE50053D9E2B5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1373D5E093D8CA21C13BDB2FECFA8CD2
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 17155CA86B1649E9DE0C71535170AE83
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 30940E507DE50A42689AB8D2348FD88B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: D8704419A51B19D5E372CD5A9C0CB958
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: C06DDF1FF6F0B232CF6DA4D34EB4AC77
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 115EF565E434A11F682DD7FA13FB0A3A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EEF3134677ABF44F6D1D5C29838F9916
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 8D554010529A71B0DA21B6DABD1D4F1E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Stop 419 Scams and Scammers - Forums

Page URL History Show full URLs

  1. http://www.stop419scams.com/ HTTP 302
    https://www.stop419scams.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+styles/(?:sub|pro)silver/theme
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

130
Requests

88 %
HTTPS

94 %
IPv6

16
Domains

23
Subdomains

18
IPs

2
Countries

1942 kB
Transfer

4597 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.stop419scams.com/ HTTP 302
    https://www.stop419scams.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cm4STQc9PZYKvOfyd29gPhuq_4A3Z-siRdN3ag76jEdrZHhABIIyDtm1glfqEgpgHoAHzj_upKcgBCakC0ktZ957tsT6oAwHIA8sEqgTeAU_QfvbFE3GJfvgYbLV0Yj20QnpkNQdbR7w65SnH5OqzL205n8QKDrCucndPr-XyiMzKAWfKwSdx1nEVaQOm6moSXJCnbfMZ9ccWORHx0l44ciR4QzpH7wUyEc9lnSUpKoZSFpqfvKUI9ZKjYXWkG0aG4zP10Eyl2MY-noe_jW4T_S9tYpMQF5TP01prw16jJxOoLtvKeiqN-OgEORjK4NL-a49DU_tI_PrjGtr7cwdLdFeyMwTSyafXqF1pTIrH3A2E-ZeN0AgKc2wz38_THO_fySSNW4n1rkA8envU6sAEvIighKwEiAWI9quKS5IFBAgEGAGSBQQIBRgEoAYugAfzx8uJBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKnSB9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCagBaHR0cHM6Ly91cy5zaG9mYXN0LmNvbS9kc3I_cT1iZXN0JTIwZW50ZXJwcmlzZSUyMHJhbnNvbXdhcmUlMjBwcm90ZWN0aW9uJmFzaWQ9em13X2NoMzIzJmRlPWMmc2NsaWQ9MC0yNDAxNSZnY2xpZD17Z2NsaWR9JnJhYz1iZXN0JTIwZW50ZXJwcmlzZSUyMHJhbnNvbXdhcmUlMjBwcm90ZWN0aW9ugAoByAsBogwMKgoKCOS0sQLutbECuBPkA9gTDIgUBtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNDIzNzUxNjI5MTE3OTIyGAA&sigh=hNVF4ScVu9c&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNVrW5sNLukxjd1UmbOXhgJe3iAvJYCsLQEzdZcfWRfoaxab-L76p83501dKa9q7TWrbgPBEpzIj4OzqUb8_YtVP-fqo0SZtCORhgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221521576551787692088%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212277740141642438161%22}&andc=true
Request Chain 104
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CpREMQc9PZeabPPeu29gP0LW4gAyl2aXmc-nLvcKrEMCNtwEQASCMg7ZtYJX6hIKYB6ABjezk2QLIAQGpAns6gqYjUKg-qAMByAPLBKoE2QFP0GV33fMGjKxR7RFnaOhed671kaxhHAaCDFJ4j9Pzy6GSz00UWHlSW8zP-4BtmjZxEuTVYRWpCKFvLfJfZCdiQUHwaD7ADOqThya7WaAWhV2ChxN1KmOUcumCF2BNLKm0xgsLyye2s4AWgLQLWRuQvRmK7uIi1OsG2TQnrwk564YyrLc6qQiKDF8wM51ya6HgRsrot3mdxg2n03YofUQ6bGIhnNk7Wf9EYD7LBwrhI19kl4boz55wK5S0Our5MeesfF2wy3CXwYihW4v6QOxb-WHvu2rxMl6VwATy2dTlmgSIBZGl3IA0kgUECAQYAZIFBAgFGASAB9uTm6YBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQucEC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJYmh0dHBzOi8vcGNoZWxwc29mdC5jb20vc3RhdGljL2xwL2RyaXZlci11cGRhdGVyL2VuL0xQMTkucGhwP2NhbXBhaWduaWQ9QURXT1JEUyZmaWx0ZXI9MTQ0NjMxNDc1NDQygAoByAsBogwMKgoKCOS0sQLutbEC2BMNiBQB0BUBgBcBshccChoIABIUcHViLTI0MjM3NTE2MjkxMTc5MjIYAA&sigh=fPsIUS0d4wI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNGP3LRCMQrQDqH_D7a2-uy_crFUcrEuo0f0Da8T6LvPMHOwPQo51T3en8JFs7AsLRWTqLSCCdWGegdflBoe-JVHP5-QEtkQ_NrBgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211730649209153654354%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223071596399250986657%22}&andc=true
Request Chain 105
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 121
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOFGuxKo0P5JaHEfnC3uc-c&google_cver=1&google_push=AXcoOmSTPJp3k-ig6gGcKzgya9cEC3uxwh3AMWJZNOkWfbFY7ngX2ebZl_iDwm6aHfwXfiUniae_LmlodOXfSXTaGUUdvTY3v7kMoEaqCzZ79y7KRvtgwBQpyhJb6LZVQ_C8SkHAM9lgRKTjVYPXMBGfwT6W HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSTPJp3k-ig6gGcKzgya9cEC3uxwh3AMWJZNOkWfbFY7ngX2ebZl_iDwm6aHfwXfiUniae_LmlodOXfSXTaGUUdvTY3v7kMoEaqCzZ79y7KRvtgwBQpyhJb6LZVQ_C8SkHAM9lgRKTjVYPXMBGfwT6W&google_hm=9wkF2c6oSKmV-uYI5AlDnBw

130 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.stop419scams.com/
Redirect Chain
  • http://www.stop419scams.com/
  • https://www.stop419scams.com/
72 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
ed793520fe380b8c8641b803acdc6a947f914c6235813fe341f9a06f977e9936

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache="set-cookie"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 11 Nov 2023 19:00:16 GMT
expires
Sat, 11 Nov 2023 19:00:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
213
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 11 Nov 2023 19:00:15 GMT
Keep-Alive
timeout=15
Location
https://www.stop419scams.com/
Server
Apache
font-awesome.min.css
www.stop419scams.com/assets/css/ 		30 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/assets/css/font-awesome.min.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:04:27 GMT
server
Apache
accept-ranges
bytes
etag
"7918-59bb14bd8e7ea"
content-length
31000
content-type
text/css
stylesheet.css
www.stop419scams.com/styles/prosilver/theme/ 		749 B
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
5f44462dc0734a49349994d91b6e29c1ae09ab62cec76f780905b969d3d35f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:37:31 GMT
server
Apache
accept-ranges
bytes
etag
"2ed-59bb1c2128504"
content-length
749
content-type
text/css
stylesheet.css
www.stop419scams.com/styles/prosilver/theme/en/ 		80 B
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/en/stylesheet.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
78c7ebc04d2d852e123ff939e93c09a5043177c12d52a60135036551ed91d1f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 10:17:05 GMT
server
Apache
accept-ranges
bytes
etag
"50-59bb24f9586ec"
content-length
80
content-type
text/css
disclaimer.css
www.stop419scams.com/ext/david63/disclaimer/styles/all/theme/ 		31 B
174 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/david63/disclaimer/styles/all/theme/disclaimer.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
a124180f9cac7ca543bf3de968953a074e3ac285a876d896ac16e740d4779576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 10:31:54 GMT
server
Apache
accept-ranges
bytes
etag
"1f-59bb284991446"
content-length
31
content-type
text/css
googlesearch.css
www.stop419scams.com/ext/hifikabin/googlesearch/styles/prosilver/theme/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/hifikabin/googlesearch/styles/prosilver/theme/googlesearch.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
a48463b659f95cb23f82da2d32cad99dd4434d411158c998d15499d3812fa54d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 10:32:07 GMT
server
Apache
accept-ranges
bytes
etag
"76d-59bb2855a9303"
content-length
1901
content-type
text/css
translate.css
www.stop419scams.com/ext/hifikabin/translate/styles/prosilver/theme/ 		223 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/hifikabin/translate/styles/prosilver/theme/translate.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
d8c7ef6b235ca83f08709c9321cdab5733900f63334c733cd5869bcd57e552e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 10:32:11 GMT
server
Apache
accept-ranges
bytes
etag
"df-59bb285955af2"
content-length
223
content-type
text/css
breadcrumb-menu.css
www.stop419scams.com/ext/paybas/breadcrumbmenu/styles/all/theme/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/paybas/breadcrumbmenu/styles/all/theme/breadcrumb-menu.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
49de431df718d39a00d6621bfc3feeb7030949a2a3b3b4fbba441517d60eb930

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 10:32:21 GMT
server
Apache
accept-ranges
bytes
etag
"9ed-59bb286341e70"
content-length
2541
content-type
text/css
abbc3_common.min.css
www.stop419scams.com/ext/vse/abbc3/styles/all/theme/ 		857 B
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/vse/abbc3/styles/all/theme/abbc3_common.min.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
bf63b5e7610143630afc177937eb4f723527452d91f489d1f93d2c0acc73d8d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 10:33:08 GMT
server
Apache
accept-ranges
bytes
etag
"359-59bb288fc82bf"
content-length
857
content-type
text/css
phpbbads.css
www.stop419scams.com/ext/phpbb/ads/styles/all/theme/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/phpbb/ads/styles/all/theme/phpbbads.css?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
d75f32679d5fefb1dbb783da1036c88d6d759c80c8e525c6aa51ec5034da4d14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Sun, 12 Jan 2020 04:57:35 GMT
server
Apache
accept-ranges
bytes
etag
"496-59bea327a4a58"
content-length
1174
content-type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
157160dea5c1a67ffc1ba5ce23d422047226426d1b4f1bd10847825ceea6e4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52836
x-xss-protection
0
server
cafe
etag
3026021384458979877
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Nov 2023 19:00:17 GMT
jquery.min.js
www.stop419scams.com/assets/javascript/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/assets/javascript/jquery.min.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:04:32 GMT
server
Apache
accept-ranges
bytes
etag
"17b8b-59bb14c27c4d0"
content-length
97163
content-type
text/javascript
core.js
www.stop419scams.com/assets/javascript/ 		44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/assets/javascript/core.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
ac811cd9506f48810e70de73c762fff39a5d641acf5e26c0bae469178c077ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:04:31 GMT
server
Apache
accept-ranges
bytes
etag
"b0dc-59bb14c1238ce"
content-length
45276
content-type
text/javascript
element.js
translate.google.com/translate_a/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e90829a5dbde4dd0f5636b927b586ea71f744f4ed2955b43aa5a19cc4265b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 19:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
forum_fn.js
www.stop419scams.com/styles/prosilver/template/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/template/forum_fn.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
d4eecc7bc7a9375f58f13c9f0971a5eadb4cc4be7c9b185f90f337227ade8406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:37:06 GMT
server
Apache
accept-ranges
bytes
etag
"5b66-59bb1c0969363"
content-length
23398
content-type
text/javascript
ajax.js
www.stop419scams.com/styles/prosilver/template/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/template/ajax.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
ed5d463f0e79e33f204da1695ea3658a1d6781750056d7e3dc29c1477d35ed6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:37:03 GMT
server
Apache
accept-ranges
bytes
etag
"2ec1-59bb1c07167c3"
content-length
11969
content-type
text/javascript
disclaimer_fn.js
www.stop419scams.com/ext/david63/disclaimer/styles/all/template/ 		115 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/david63/disclaimer/styles/all/template/disclaimer_fn.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
7636bbffcb75cf58e97b0c09641ccbd8f09d381df6b0c6836179fbd08d3eeb68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 10:31:54 GMT
server
Apache
accept-ranges
bytes
etag
"73-59bb2848fec5c"
content-length
115
content-type
text/javascript
jquery-ui-1.11.2.custom.min.js
www.stop419scams.com/ext/paybas/breadcrumbmenu/styles/all/template/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/paybas/breadcrumbmenu/styles/all/template/jquery-ui-1.11.2.custom.min.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
42cb3377949c536a0862c30f5a949bfe93a5539302c98367cc9b6736c8fe054a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 10:32:19 GMT
server
Apache
accept-ranges
bytes
etag
"659c-59bb286164546"
content-length
26012
content-type
text/javascript
breadcrumb-menu.js
www.stop419scams.com/ext/paybas/breadcrumbmenu/styles/all/template/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/paybas/breadcrumbmenu/styles/all/template/breadcrumb-menu.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2b57e3d7e9444012dbbde8979e256850b86b457525b9cb868004ff48699f8d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 10:32:19 GMT
server
Apache
accept-ranges
bytes
etag
"1e51-59bb286159963"
content-length
7761
content-type
text/javascript
abbc3.min.js
www.stop419scams.com/ext/vse/abbc3/styles/all/template/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/vse/abbc3/styles/all/template/js/abbc3.min.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
46a1b5a101933949e95a427caae7f23b4c5d15f444160f2dcaa04c6fc1824e36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Fri, 10 Jan 2020 00:55:53 GMT
server
Apache
accept-ranges
bytes
etag
"6a0-59bbe967391fc"
content-length
1696
content-type
text/javascript
init.min.js
www.stop419scams.com/ext/s9e/highlighter/styles/all/template/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/ext/s9e/highlighter/styles/all/template/init.min.js?assets_version=285
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
bbbfd971bc53fbc6a49dbdca1a430817843025a8ddeab4f74ee2877c4a9d4723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 10:32:52 GMT
server
Apache
accept-ranges
bytes
etag
"11c4-59bb2880e0788"
content-length
4548
content-type
text/javascript
normalize.css
www.stop419scams.com/styles/prosilver/theme/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/normalize.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
97d8edd58740293f8774574a7928df397d42cb5f91ce0134c5aacc5cbb2d4c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:37:30 GMT
server
Apache
accept-ranges
bytes
etag
"1dd8-59bb1c207f5e4"
content-length
7640
content-type
text/css
base.css
www.stop419scams.com/styles/prosilver/theme/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/base.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e527e0eb0d56aacb1e8c1c6b443dc8c9fb8636f3ca0b89db86944b9754ccec49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:37:27 GMT
server
Apache
accept-ranges
bytes
etag
"82f-59bb1c1d80c44"
content-length
2095
content-type
text/css
utilities.css
www.stop419scams.com/styles/prosilver/theme/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/utilities.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
91e832a0e4ddd9e946e2c27908e22d7dd663466c0feb8ca8bb8e05aed5a98a24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:31 GMT
server
Apache
accept-ranges
bytes
etag
"47c-59bb1c218de04"
content-length
1148
content-type
text/css
common.css
www.stop419scams.com/styles/prosilver/theme/ 		20 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/common.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b7a351fe72bd76afcadbb909958774af07a6d3a142a1e42ed0ca1619fdb7af9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:16 GMT
last-modified
Thu, 09 Jan 2020 09:37:28 GMT
server
Apache
accept-ranges
bytes
etag
"4fe2-59bb1c1e961c4"
content-length
20450
content-type
text/css
links.css
www.stop419scams.com/styles/prosilver/theme/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/links.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
958345fae68b80c0bc4471a68b37244c8746a96fed7ba097d9675745b0c34844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:30 GMT
server
Apache
accept-ranges
bytes
etag
"d00-59bb1c2070b84"
content-length
3328
content-type
text/css
content.css
www.stop419scams.com/styles/prosilver/theme/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/content.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b52116c124409dcfc302c29eccdd8c13a8b615b9132bdeb9a96a9f06399538c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:29 GMT
server
Apache
accept-ranges
bytes
etag
"37ea-59bb1c1f60424"
content-length
14314
content-type
text/css
buttons.css
www.stop419scams.com/styles/prosilver/theme/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/buttons.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b7bc1b3399833fa1a28bfe6e3e7c73ec4464a7cc23e991f207e49943cea1bdd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:27 GMT
server
Apache
accept-ranges
bytes
etag
"c1a-59bb1c1ddd8a4"
content-length
3098
content-type
text/css
cp.css
www.stop419scams.com/styles/prosilver/theme/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/cp.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
eed9c1556c8da001c160d123212b042d1de1b07c405712e8c2aa8e78a502684a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:29 GMT
server
Apache
accept-ranges
bytes
etag
"17b1-59bb1c1fc6cc4"
content-length
6065
content-type
text/css
forms.css
www.stop419scams.com/styles/prosilver/theme/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/forms.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
de3061c92ee78e0630205b1509abe799b1363a1e29a5c0024372d424ec884fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:29 GMT
server
Apache
accept-ranges
bytes
etag
"1ce0-59bb1c1fc9ba4"
content-length
7392
content-type
text/css
icons.css
www.stop419scams.com/styles/prosilver/theme/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/icons.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
dab61e21f5c14d5a9e891a6f4c462c90d7c7faf50ef36c85b293a64b0ec143fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:30 GMT
server
Apache
accept-ranges
bytes
etag
"728-59bb1c20296e4"
content-length
1832
content-type
text/css
colours.css
www.stop419scams.com/styles/prosilver/theme/ 		25 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/colours.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
aabf14062cfcf16ea42813cc11786a3ebf310d0135b28f5c8c05ec3a3b739946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:27 GMT
server
Apache
accept-ranges
bytes
etag
"635e-59bb1c1de3664"
content-length
25438
content-type
text/css
responsive.css
www.stop419scams.com/styles/prosilver/theme/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/styles/prosilver/theme/responsive.css?v=3.2
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b379cc2d03d6a691923a85e26edf57fa8bfc06348dabd2d920b1e1145aecf5cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/stylesheet.css?assets_version=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:37:31 GMT
server
Apache
accept-ranges
bytes
etag
"2664-59bb1c21217a4"
content-length
9828
content-type
text/css
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 11 Nov 2023 17:51:30 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4127
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 11 Nov 2023 19:51:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35a23ab08ee25c30f7057f9d48d8ecdc279e742f3531d200942a72da5f289048
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52833
x-xss-protection
0
server
cafe
etag
7409000507715899178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Nov 2023 19:00:17 GMT
beware_scammers.jpg
www.stop419scams.com/styles/prosilver/theme/images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.stop419scams.com/styles/prosilver/theme/images/beware_scammers.jpg
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/colours.css?v=3.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6448b6653246159efa2b4250ce1b7f97a94dc10351d3522601d343df444e0c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/colours.css?v=3.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 10:17:08 GMT
server
Apache
accept-ranges
bytes
etag
"a215-59bb24fc37d39"
content-length
41493
content-type
image/jpeg
forum_unread.gif
www.stop419scams.com/styles/prosilver/theme/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.stop419scams.com/styles/prosilver/theme/images/forum_unread.gif
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/colours.css?v=3.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
325dbf4978ecf69011547739ec5cebc7c04e4b883355972b4df866ad9802daaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/colours.css?v=3.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 10:17:09 GMT
server
Apache
accept-ranges
bytes
etag
"d70-59bb24fd39a76"
content-length
3440
content-type
image/gif
forum_unread_subforum.gif
www.stop419scams.com/styles/prosilver/theme/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.stop419scams.com/styles/prosilver/theme/images/forum_unread_subforum.gif
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/styles/prosilver/theme/colours.css?v=3.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e5337f2757b4804032e51eba7308f2d5293af48e6290f3cb75eb625bd226bfd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/styles/prosilver/theme/colours.css?v=3.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 10:17:09 GMT
server
Apache
accept-ranges
bytes
etag
"e35-59bb24fd9862d"
content-length
3637
content-type
image/gif
fontawesome-webfont.woff2
www.stop419scams.com/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.stop419scams.com/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/assets/css/font-awesome.min.css?assets_version=285
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::28e , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.stop419scams.com/assets/css/font-awesome.min.css?assets_version=285
Origin
https://www.stop419scams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
last-modified
Thu, 09 Jan 2020 09:04:29 GMT
server
Apache
accept-ranges
bytes
etag
"12d68-59bb14bf0e4f7"
content-length
77160
cse.js
cse.google.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=006547850172263777772:stjhoqke60g
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
2e35a35a7477662d42e32aa089e30cf2bc2958f2fedb0a25deb1b2325677ebc7
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-8snsbmn6hoAfv5BaB5GwJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-8snsbmn6hoAfv5BaB5GwJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Sat, 11 Nov 2023 19:00:17 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2980
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Sat, 11 Nov 2023 19:00:17 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/am=CAM/d=1/rs=AN8SPfrvVj8B_VjKkj2W5LWs6EV7yxLONQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 03:53:37 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqLVy9k4S_V9oRxFfKoV4RJ0ivncA/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqLVy9k4S_V9oRxFfKoV4RJ0ivncA/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/am=CAM/d=1/rs=AN8SPfrvVj8B_VjKkj2W5LWs6EV7yxLONQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
112f08b87c5353387baf521c2a1a779e8c58a20e7c839d246e7443d73f8aeeb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82441
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:23:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 18:36:12 GMT
collect
www.google-analytics.com/j/ 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=886055667&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stop419scams.com%2F&ul=en-us&de=UTF-8&dt=Stop%20419%20Scams%20and%20Scammers%20-%20Forums&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1092973221&gjid=1258516861&cid=1861112154.1699729217&tid=UA-75069021-1&_gid=599579317.1699729217&_r=1&_slc=1&z=1362563579
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
474b87c7a48e7953a3e63145454be1d2098afb026c02a5f49038162afded3de4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.stop419scams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 19:00:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.stop419scams.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L05G4W146W&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a47ecf4e6f269a51df666c055d072a9c660c5d30cbf8dbd36da23d31362f742b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82733
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 11 Nov 2023 19:00:17 GMT
cse_element__en.js
www.google.com/cse/static/element/e992cd4de3c7044f/ 		309 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006547850172263777772:stjhoqke60g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105313
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 17:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 11 Nov 2023 19:00:17 GMT
default+en.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006547850172263777772:stjhoqke60g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 17:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 11 Nov 2023 19:00:17 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006547850172263777772:stjhoqke60g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 18:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 11 Nov 2023 19:49:38 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e89e606cf73f8c38050e68b8f503a8a8d64486a00f3ff123670db1c18b880324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138485
x-xss-protection
0
server
cafe
etag
6685760028534353692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 11 Nov 2023 19:00:17 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame DEAB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 14:08:06 GMT
etag
16674218716276178799
expires
Sat, 25 Nov 2023 14:08:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5561 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:40:20 GMT
x-content-type-options
nosniff
age
184797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 08 Nov 2024 15:40:20 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/ Frame 62BA 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqLVy9k4S_V9oRxFfKoV4RJ0ivncA/m=el_main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 03:53:37 GMT
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 05:45:18 GMT
cleardot.gif
www.google.com/images/ 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 19:00:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L05G4W146W&gtm=45je3b81v9123118505&_p=1699729217428&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1861112154.1699729217&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.stop419scams.com%2F&dt=Stop%20419%20Scams%20and%20Scammers%20-%20Forums&sid=1699729217&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2264
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L05G4W146W&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Nov 2023 19:00:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.stop419scams.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9434 		118 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74f113dccedb24b3f0c458510736b8666da4df4c87c8046f80850d0405fac7f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40057
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 19:00:18 GMT
expires
Sat, 11 Nov 2023 19:00:18 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DA69 		728 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=6663232697&adk=2349394808&adf=3807848571&pi=t.ma~as.6663232697&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217489&bpp=1&bdt=1132&idt=285&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1152x280&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=288
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ee44d08daec5191c75f7401209f56a96162162febf1bda9e29ac4d49f399633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
365
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 19:00:18 GMT
expires
Sat, 11 Nov 2023 19:00:18 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 260D 		390 KB
83 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&adk=1511961599&adf=2261577023&lmt=1699729217&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217506&bpp=4&bdt=1149&idt=275&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1152x280%2C1152x280&nras=1&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=292
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab78d666a102fa2211d29b97ff5e1c0640b2100cbf6ec6fd190e90ab29b50d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
84802
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 19:00:18 GMT
expires
Sat, 11 Nov 2023 19:00:18 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js?bust=31079473
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
facc9fb81a00c94a567cea55639a614e6814c539610730c60ce7589caf778692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.stop419scams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55826
x-xss-protection
0
server
cafe
etag
4033135560100256806
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Nov 2023 19:00:18 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B0C6 		133 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
922362f115fd7cbe7c592eb84abf287dc45bb21150634e8ab69404072464e8a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44387
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 19:00:19 GMT
expires
Sat, 11 Nov 2023 19:00:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F112 		436 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=90&adk=346965371&adf=44848809&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1200x90&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2342&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0%2C1142x280&nras=3&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a79352c2da27f4b43df066e75ace4ede1d6baa43e0c10af945e8919d065b2ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 19:00:19 GMT
expires
Sat, 11 Nov 2023 19:00:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2024 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=90&adk=1418752978&adf=653552374&pi=t.aa~a.1627829877~rp.1&w=1152&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1152x90&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=1&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0%2C1142x280%2C1200x90&nras=4&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a72dd4758f84e9eedcbbef5316c6b401cf5812c38b23e9dd009d49ddef99ac34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 19:00:19 GMT
expires
Sat, 11 Nov 2023 19:00:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 9434 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 19:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 17:37:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 19:00:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 9434 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:02:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 9434 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:02:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 9434 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
61512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:55:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 9434 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
61512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:55:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9434 		199 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 19:00:18 GMT
81801f102bbf3ca11da2806ffde236a3.js
www.gstatic.com/mysidia/ Frame 9434 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15369
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 17:46:39 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/15732097773305340160/ Frame 9434 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15732097773305340160/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18558f5bde036dd9cb2dce5fe8a8b53326ebe51a7a73110e0c76238e68afb298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:03:25 GMT
x-content-type-options
nosniff
age
377813
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24279
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 16:22:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Nov 2024 10:03:25 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/4993217691887194574/ Frame 9434 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4993217691887194574/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8709e26d61bab50cdc652883fa5428c94fd2a23b41deed8901c12902da97355a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:04:13 GMT
x-content-type-options
nosniff
age
183365
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10418
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 23:21:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Nov 2024 16:04:13 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame AD6D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56106
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 03:25:12 GMT
etag
16674218716276178799
expires
Sat, 25 Nov 2023 03:25:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame 1373 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2423751629117922&plah=www.stop419scams.com&bust=31079473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.stop419scams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56106
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 03:25:12 GMT
etag
16674218716276178799
expires
Sat, 25 Nov 2023 03:25:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame AD6D 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 19:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 17:33:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 19:00:18 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD6D 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 13:40:18 GMT
x-content-type-options
nosniff
age
192000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 08 Nov 2024 13:40:18 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD6D 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 13:30:38 GMT
x-content-type-options
nosniff
age
192580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 08 Nov 2024 13:30:38 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame AD6D 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 21:51:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
76150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6703
x-xss-protection
0
server
cafe
etag
18125926408851158271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 21:51:08 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame AD6D 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 14:22:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
16676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8785
x-xss-protection
0
server
cafe
etag
17726888854999048520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 14:22:22 GMT
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame 1373 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 19:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 14:04:29 GMT
78b00c21e40332afd18050ebd59c6b08.js
www.gstatic.com/mysidia/ Frame 1373 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 00:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4753
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 22:22:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 00:13:18 GMT
css
fonts.googleapis.com/ Frame 1373 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
434909defe5c654cd3ec984a1199cbd4f370f98f02e0fce3f89f9c89661736b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 19:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 18:06:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 19:00:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1373 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:02:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 1373 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:02:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1373 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
61512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:55:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1373 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
61512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:55:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1373 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 19:00:18 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 1373 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 22:22:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 22:36:58 GMT
truncated
/ Frame 9434 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b306ebef04082e3ca3be83e43291721f74fdd73c70d737150fedcbd40e54d60b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 1715 		2 KB
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 19:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 18:31:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 19:00:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1715 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:02:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 1715 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:02:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1715 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
61512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:55:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1715 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
61512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:55:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1715 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 19:00:18 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 1715 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 22:22:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 22:36:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9434 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 17:26:14 GMT
x-content-type-options
nosniff
age
351245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9434 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:32:45 GMT
x-content-type-options
nosniff
age
167254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 20:32:45 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3094 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 18:11:51 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1373 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
964b6b552e7546a6065bd940af95b6063a259f83256c7a86ebfba5d802dce6f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 1373 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:32:51 GMT
x-content-type-options
nosniff
age
167248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37964
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 20:32:51 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1373 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:15:26 GMT
x-content-type-options
nosniff
age
186293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21360
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 15:15:26 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 9434
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cm4STQc9PZYKvOfyd29gPhuq_4A3Z-siRdN3ag76jEdrZHhABIIyDtm1glfqEgpgHoAHzj_upKcgBCakC0ktZ957tsT6oAwHIA8sEqgTeAU_QfvbFE3GJfvgYbLV0Yj20QnpkNQdbR7w65Sn...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221521576551787692088%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221521576551787692088%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212277740141642438161%22}&andc=true
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:19 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1521576551787692088","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["11-11"],"6":["true"]},"priority":"500","source_event_id":"12277740141642438161"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 11 Nov 2023 19:00:19 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 11 Nov 2023 19:00:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1521576551787692088","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["11-11"],"6":["true"]},"priority":"500","source_event_id":"12277740141642438161"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame D870 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&slotname=8688644703&adk=940626562&adf=413035527&pi=t.ma~as.8688644703&w=1152&fwrn=4&fwrnh=100&lmt=1699729217&rafmt=1&format=1152x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729217486&bpp=3&bdt=1129&idt=266&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=2648845451294&frm=20&pv=2&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
250313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 21:28:26 GMT
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame C06D 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
250313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 21:28:26 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221521576551787692088%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212277740141642438161%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 11 Nov 2023 19:00:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 1373
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CpREMQc9PZeabPPeu29gP0LW4gAyl2aXmc-nLvcKrEMCNtwEQASCMg7ZtYJX6hIKYB6ABjezk2QLIAQGpAns6gqYjUKg-qAMByAPLBKoE2QFP0GV33fMGjKxR7RFnaOhed671kaxhHAaCDFJ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211730649209153654354%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211730649209153654354%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223071596399250986657%22}&andc=true
Requested by
Host: www.stop419scams.com
URL: https://www.stop419scams.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:19 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11730649209153654354","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"4":["11-11"],"6":["true"]},"priority":"500","source_event_id":"3071596399250986657"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 11 Nov 2023 19:00:19 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 11 Nov 2023 19:00:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11730649209153654354","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"4":["11-11"],"6":["true"]},"priority":"500","source_event_id":"3071596399250986657"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3094
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 19:00:19 GMT
expires
Sat, 11 Nov 2023 19:00:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Nov 2023 19:00:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame 115E 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
250313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 21:28:26 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211730649209153654354%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223071596399250986657%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 11 Nov 2023 19:00:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame B0C6 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Nov 2023 19:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 17:19:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Nov 2023 19:00:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame B0C6 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:02:51 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14632052148147917371/ Frame B0C6 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14632052148147917371/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39e7199c42c04ac13841b264bb8667b482c9e92e154ab0cfb66ecdb2703e290b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 04:09:22 GMT
x-content-type-options
nosniff
age
53457
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41143
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 12:48:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Nov 2024 04:09:22 GMT
truncated
/ Frame B0C6 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B0C6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame B0C6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 20:02:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame B0C6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
61513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:55:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EEF3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
77006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 11 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame B0C6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
61513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:55:06 GMT
l
www.google.com/ads/measurement/ Frame B0C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxMw289u9bPsUsMewO9HTJrXxNx-m7xKayyL4MFGOh5favmVgR4a2OgqmnlcAlo1NrvPoqCJ4HvPBE37qe3fLOEwyUng
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B0C6 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 19:00:19 GMT
81801f102bbf3ca11da2806ffde236a3.js
www.gstatic.com/mysidia/ Frame B0C6 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2423751629117922&output=html&h=280&adk=3265069742&adf=1179691971&pi=t.aa~a.4252551101~rp.4&w=1142&fwrn=4&fwrnh=100&lmt=1699729218&rafmt=1&to=qs&pwprc=9609842440&format=1142x280&url=https%3A%2F%2Fwww.stop419scams.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699729218698&bpp=1&bdt=2341&idt=-M&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De9ac5bbe8f668db9%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg&gpic=UID%3D00000cd780fb348b%3AT%3D1699729217%3ART%3D1699729217%3AS%3DALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw&prev_fmts=1152x280%2C1152x280%2C0x0&nras=2&correlator=2648845451294&frm=20&pv=1&ga_vid=1861112154.1699729217&ga_sid=1699729218&ga_hid=886055667&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=1789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079404%2C31079408%2C31079516%2C44807464%2C31078297%2C44807405%2C31079473%2C44806139%2C44807763%2C44808148&oid=2&pvsid=2933518344513608&tmod=923683097&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15369
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 17:46:39 GMT
truncated
/ Frame B0C6 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcd48b783f5254b2c488d000e85480d034e9493b8c9aff37a8580d7acb36a83a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame EEF3
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOFGuxKo0P5JaHEfnC3uc-c&google_cver=1&google_push=AXcoOmSTPJp3k-ig6gGcKzgya9cEC3uxwh3AMWJZNOkWfbFY7ngX2ebZl_iDwm6aHfwXfiUniae_Lml...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSTPJp3k-ig6gGcKzgya9cEC3uxwh3AMWJZNOkWfbFY7ngX2ebZl_iDwm6aHfwXfiUniae_LmlodOXfSXTaGUUdvTY3v7kMoEaqCzZ79y7KRvtgwBQpyhJb6LZV...
0
0
adx
pr-bh.ybp.yahoo.com/sync/ Frame EEF3 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame EEF3 		0
0
/
c1.adform.net/serving/cookie/match/ Frame EEF3 		0
0
trk
ag.innovid.com/ Frame EEF3 		0
0
/
onetag-sys.com/match/ Frame EEF3 		0
0
um
sync.teads.tv/ Frame EEF3 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame EEF3 		0
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B0C6 		0
0
adview
googleads.g.doubleclick.net/pagead/ Frame B0C6 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		0
0
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame 8D55 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9434 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1373 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSTPJp3k-ig6gGcKzgya9cEC3uxwh3AMWJZNOkWfbFY7ngX2ebZl_iDwm6aHfwXfiUniae_LmlodOXfSXTaGUUdvTY3v7kMoEaqCzZ79y7KRvtgwBQpyhJb6LZVQ_C8SkHAM9lgRKTjVYPXMBGfwT6W&google_hm=9wkF2c6oSKmV-uYI5AlDnBw
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH3VM3IY0-LGA2hx7t_1Itg&google_cver=1&google_push=AXcoOmTtInSP7WE_xuZT7k06DISsz5RLUNDKaAajKbzzUm3Jr7udf3hthlpTlwQEF4q3A4Zzbz5xaQ-bu0Hhn8X2Rg8QAzbQrwjPlOFzn1oXibnBby9D-rUIFYXFKuNlIei78B_u_uwa1Al0keF7KUOrYD5mSg
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSF7k3zYqWUkq6N4HO_WOK641q6QOxP_qq_ykS8Qtm2aPu_bwNTgIMjKTx81Cu2SsRN4xhtnlOl8S75zaxEC3vZwn0wNLloEl5yYYwni81HHB2OREO7pzFWQ7bijocgptDA1Ca5E-JppPulgC7dxCSRWg&google_gid=CAESELRRqoX3J3HU56c0zOLQFho&google_cver=1
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMbzMCauUIpcM_OjMAXe8rE&google_cver=1&google_push=AXcoOmS5vu3ZA4mvbHA6SWXy39oUvYoCpV9G_HA5HU08pJMMgvIFFRUnKQgJmq2C1huwhoHK5l36d0GuoCBoBO-RXT0YZ7wqsju_rlN3JMbScTkiFSoj5vaHOVGt6aGGuEQUiPm_ZL7fdRyEZHiU7i42KdR1Sg
Domain
ag.innovid.com
URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEpWYPAJcpTgkQke6rraMYY&google_cver=1&google_push=AXcoOmT6rLp_2IV9v1mF4Yft9ii3eMyxHyhdTPQxGsfU-8UKqm6lZmzgr2o9ZSJM48eU2cny5DMGMmkiJ_QSXiSsagt0k27zJRfIGGzZow852BhmmYIW4JMWiVcru4rqszFTrJ73V5OLAhIg_ih8wOrf3x--
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDztPNwdQq3IT_Dh5iE0Y6o&google_cver=1&google_push=AXcoOmTY6sgFF45kCBiYwX6P-LrNapQvdDCTvFnJjkUuNNHRjuQrUrw71i_hZidgbd4DZF0XqD1dEvyXd43Iy6mp_y_dgyu41-wP7O0z-8W2Q36idDgxP0DHTzfF_7m2XAkOYfNDThGmNNg9Rt_rBTYxzGKjOQ
Domain
sync.teads.tv
URL
https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGYvUZNdwHvHGdkPR04rSx8&google_cver=1&google_push=AXcoOmTkFwtYROeTR7AaUkBN7s08VsTzUc2m8rDYtJp0ZJLKg43D6LxUaLbzljWmHr8GezSDKMJO1_9-_-wUjnpwQQKALjRMmqWakfZCIiqfdkrP_KP3LmFN1XL0kHmBQ7b3O8UNuBoD0akyidfLy9H5AF2dnrw
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGb48e7wxWcPh7RlwNzuv4EqJJ2kp2gcBBNspFYXKtla5Ian6nOz9vHvgmbCswiMczzI_4kw
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFibzQs9PZYSENtCD29gP8eiOgAzDqreGcOG37v7aEcCNtwEQASCMg7ZtYJX6hIKYB6AB9MSQnwLIAQmoAwHIA8sEqgTeAU_QhWi4yxv5T7QM9bDKjkQBwhg8AGXSftKeufHLqab_3-bx0TPjCnvbTpGQzCk1pK-20XRvtzNvhTAIhSkyVbZbaOnrMVb-EH5NtHmobz6VpNr5ipLdUIHquYSV6KQdQ-B1kESe0bYGlvcugNEWuY-DWiLVMlZ8mtHJJl2JliWuc9M5zYTEuQP9JSyvubK1AprdqGTzdXW2gkhF0EL-o8Jble2JgpdbKN3pOmASZm8TC852_Ga1Lp66CxP09Qn1V7X-TDZbWP_GfH69kqJwLTjPwtI70FF9DfC-gjTTs8AEiOCVxJsEiAXjp8-WRZIFBAgEGAGSBQQIBRgEoAYugAfEpvLgAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELPDAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCccBaHR0cHM6Ly93d3cudW5wYXN0ZWQuY29tL3RyZW5kaW5nL2hpbGFyaW91cy15YXJkLXNpZ25zLWZiLz91dG1fY2FtcGFpZ249VlYlM0U4JTIwWWFyZCUyMFNpZ25zJTIwTm9hMTExMCUyMEVuJTIwLSUyMERpc3BsYXklMjBXVyUyMEdBJnV0bV9zb3VyY2U9QWRXb3JkcyZ1dG1fbWVkaXVtPXd3dy5zdG9wNDE5c2NhbXMuY29tJm5ldHdvcmtfY29kZT1DTYAKAcgLAaIMDCoKCgjktLEC7rWxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yNDIzNzUxNjI5MTE3OTIyGAA&sigh=qI-Kzz0qfMk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNb9lgHjwsd98oiDiE7ttlSsqSto4wczY8X3QWJkagMmxWIPCfe10KsksTKq8sJ_VcqRwgfrDbshgB&template_id=5000&cbvp=2&vis=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpfOozM7TGoYgaWi-BjU0GlKYUb3FO9xLQo8qcRjUCaX07-1Uqi84RqL0wQL5_tQVBfzy6Ms1DWonBku-b9OPeEX1TeaFBUsT6e2dcCeSeLSBJNxbshgitFSfOAxEfJpXHWxzA-XnCHANd&sai=AMfl-YTvQuD7E0gqwGT6ox81NdAQWVKRRHkjERAgdw8_j-uR68iXMsYiI2UfNiY2gtU4pzrn9RfR8qy034DQ6D4PgLOm8X6tr_tRbL7Ee7ZhR1mcvZQormo0kRx10oC50Bvjp7dgmHn2MN11cXobjECE&sig=Cg0ArKJSzFSIpGOYzpWpEAE&cid=CAQSTgDICaaNVrW5sNLukxjd1UmbOXhgJe3iAvJYCsLQEzdZcfWRfoaxab-L76p83501dKa9q7TWrbgPBEpzIj4OzqUb8_YtVP-fqo0SZtCORhgB&id=lidar2&mcvt=1000&p=0,0,280,1152&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=940626562&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699729217770&rpt=1336&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzaz58S5vAL9LdF-k86OKSvMKVIuMX5mE4lJbTs8XuYZurw6LqT21mZqTvkhjO6CaTsrCB0hPy1nkVqqteyvJglx4SzLX2OZUxjZqmN_0JicIe3STo7jl0ggakqWsuiFq7PfrnWhExUgSZ&sai=AMfl-YS5kckhLRR7iovsa_wWSlzWDMjFvMBtJSO52eBjjp2LJGGGba5ZiB_HY5Iy8KZ3tcW3j7q6lMT1nbneGJzvcA-c96jLAGUx5z3chXhmkEsC59AIb2kMHotHZ5TjwCvagl5En8h0K-lImQUL3G7C&sig=Cg0ArKJSzPqrt34DiUK8EAE&cid=CAQSTgDICaaNGP3LRCMQrQDqH_D7a2-uy_crFUcrEuo0f0Da8T6LvPMHOwPQo51T3en8JFs7AsLRWTqLSCCdWGegdflBoe-JVHP5-QEtkQ_NrBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=133,814,1000,1000,1000&tos=133,681,186,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1511961591&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699729218825&rpt=412&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture string| GoogleAnalyticsObject function| ga object| adsbygoogle object| test function| $ function| jQuery object| phpbb object| jQuery1124014603039264296758 function| googleTranslateElementInit function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google string| elonw_title string| source object| IgnoreClasses boolean| NotInClass function| removeSubdomain function| find_username function| popup function| pageJump function| marklist function| viewableArea function| activateSubPanel function| selectCode boolean| inAutocomplete string| lastKeyEntered function| phpbbCheckKey function| insertUser function| insert_marked_users function| insert_single_user function| parseDocument function| toggleBCDropdown function| setupBCMenu undefined| isTouch function| bbwizard boolean| requestRunning object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| __gcse object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| closure_lm_261830 object| google_tag_manager object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag

14 Cookies

Domain/Path Name / Value
.stop419scams.com/ Name: phpbb3_yvxb7_u
Value: 1
.stop419scams.com/ Name: phpbb3_yvxb7_k
Value:
.stop419scams.com/ Name: phpbb3_yvxb7_sid
Value: 902912e7b99ed94da96f1dc3b04dfea9
.stop419scams.com/ Name: _ga
Value: GA1.2.1861112154.1699729217
.stop419scams.com/ Name: _gid
Value: GA1.2.599579317.1699729217
.stop419scams.com/ Name: _gat
Value: 1
.stop419scams.com/ Name: _ga_L05G4W146W
Value: GS1.2.1699729217.1.0.1699729217.0.0.0
.stop419scams.com/ Name: __gads
Value: ID=e9ac5bbe8f668db9:T=1699729217:RT=1699729217:S=ALNI_MYW3KT04SfN7lUHr_NkYW0MozGmgg
.stop419scams.com/ Name: __gpi
Value: UID=00000cd780fb348b:T=1699729217:RT=1699729217:S=ALNI_MZTa7zRH9jipv0B2W_V5C1OCzG6Pw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkY8oOml98LufL13LJ51S80pyXWoaoeZIgGgWTwsj56SMfojeRAqfbj_WTvDtw
.ctnsnet.com/ Name: gid_CAESEOFGuxKo0P5JaHEfnC3uc-c
Value: 1
.ctnsnet.com/ Name: cid_f70905d9cea848a995fae608e409439c
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
cse.google.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
sync.teads.tv
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.stop419scams.com
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
dis.criteo.com
fonts.gstatic.com
googleads.g.doubleclick.net
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
sync.teads.tv
142.250.185.162
2001:4860:4802:32::36
2001:4860:4802:38::178
2607:f1c0:100f:f000::28e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2002
07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
112f08b87c5353387baf521c2a1a779e8c58a20e7c839d246e7443d73f8aeeb8
157160dea5c1a67ffc1ba5ce23d422047226426d1b4f1bd10847825ceea6e4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18558f5bde036dd9cb2dce5fe8a8b53326ebe51a7a73110e0c76238e68afb298
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
2b57e3d7e9444012dbbde8979e256850b86b457525b9cb868004ff48699f8d53
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e35a35a7477662d42e32aa089e30cf2bc2958f2fedb0a25deb1b2325677ebc7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
325dbf4978ecf69011547739ec5cebc7c04e4b883355972b4df866ad9802daaf
35a23ab08ee25c30f7057f9d48d8ecdc279e742f3531d200942a72da5f289048
39e7199c42c04ac13841b264bb8667b482c9e92e154ab0cfb66ecdb2703e290b
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42cb3377949c536a0862c30f5a949bfe93a5539302c98367cc9b6736c8fe054a
434909defe5c654cd3ec984a1199cbd4f370f98f02e0fce3f89f9c89661736b0
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46a1b5a101933949e95a427caae7f23b4c5d15f444160f2dcaa04c6fc1824e36
474b87c7a48e7953a3e63145454be1d2098afb026c02a5f49038162afded3de4
49de431df718d39a00d6621bfc3feeb7030949a2a3b3b4fbba441517d60eb930
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f44462dc0734a49349994d91b6e29c1ae09ab62cec76f780905b969d3d35f12
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6448b6653246159efa2b4250ce1b7f97a94dc10351d3522601d343df444e0c4e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
74f113dccedb24b3f0c458510736b8666da4df4c87c8046f80850d0405fac7f1
7636bbffcb75cf58e97b0c09641ccbd8f09d381df6b0c6836179fbd08d3eeb68
78c7ebc04d2d852e123ff939e93c09a5043177c12d52a60135036551ed91d1f2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a79352c2da27f4b43df066e75ace4ede1d6baa43e0c10af945e8919d065b2ea
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
7ee44d08daec5191c75f7401209f56a96162162febf1bda9e29ac4d49f399633
8709e26d61bab50cdc652883fa5428c94fd2a23b41deed8901c12902da97355a
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
91e832a0e4ddd9e946e2c27908e22d7dd663466c0feb8ca8bb8e05aed5a98a24
922362f115fd7cbe7c592eb84abf287dc45bb21150634e8ab69404072464e8a0
958345fae68b80c0bc4471a68b37244c8746a96fed7ba097d9675745b0c34844
964b6b552e7546a6065bd940af95b6063a259f83256c7a86ebfba5d802dce6f4
97d8edd58740293f8774574a7928df397d42cb5f91ce0134c5aacc5cbb2d4c76
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e90829a5dbde4dd0f5636b927b586ea71f744f4ed2955b43aa5a19cc4265b35
a124180f9cac7ca543bf3de968953a074e3ac285a876d896ac16e740d4779576
a47ecf4e6f269a51df666c055d072a9c660c5d30cbf8dbd36da23d31362f742b
a48463b659f95cb23f82da2d32cad99dd4434d411158c998d15499d3812fa54d
a72dd4758f84e9eedcbbef5316c6b401cf5812c38b23e9dd009d49ddef99ac34
aabf14062cfcf16ea42813cc11786a3ebf310d0135b28f5c8c05ec3a3b739946
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ab78d666a102fa2211d29b97ff5e1c0640b2100cbf6ec6fd190e90ab29b50d90
ac811cd9506f48810e70de73c762fff39a5d641acf5e26c0bae469178c077ba7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b306ebef04082e3ca3be83e43291721f74fdd73c70d737150fedcbd40e54d60b
b379cc2d03d6a691923a85e26edf57fa8bfc06348dabd2d920b1e1145aecf5cd
b52116c124409dcfc302c29eccdd8c13a8b615b9132bdeb9a96a9f06399538c3
b7a351fe72bd76afcadbb909958774af07a6d3a142a1e42ed0ca1619fdb7af9b
b7bc1b3399833fa1a28bfe6e3e7c73ec4464a7cc23e991f207e49943cea1bdd4
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
bbbfd971bc53fbc6a49dbdca1a430817843025a8ddeab4f74ee2877c4a9d4723
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
bf63b5e7610143630afc177937eb4f723527452d91f489d1f93d2c0acc73d8d5
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
d4eecc7bc7a9375f58f13c9f0971a5eadb4cc4be7c9b185f90f337227ade8406
d75f32679d5fefb1dbb783da1036c88d6d759c80c8e525c6aa51ec5034da4d14
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8c7ef6b235ca83f08709c9321cdab5733900f63334c733cd5869bcd57e552e7
dab61e21f5c14d5a9e891a6f4c462c90d7c7faf50ef36c85b293a64b0ec143fb
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3061c92ee78e0630205b1509abe799b1363a1e29a5c0024372d424ec884fb3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e527e0eb0d56aacb1e8c1c6b443dc8c9fb8636f3ca0b89db86944b9754ccec49
e5337f2757b4804032e51eba7308f2d5293af48e6290f3cb75eb625bd226bfd3
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e89e606cf73f8c38050e68b8f503a8a8d64486a00f3ff123670db1c18b880324
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
ed5d463f0e79e33f204da1695ea3658a1d6781750056d7e3dc29c1477d35ed6d
ed793520fe380b8c8641b803acdc6a947f914c6235813fe341f9a06f977e9936
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
eed9c1556c8da001c160d123212b042d1de1b07c405712e8c2aa8e78a502684a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
facc9fb81a00c94a567cea55639a614e6814c539610730c60ce7589caf778692
fcd48b783f5254b2c488d000e85480d034e9493b8c9aff37a8580d7acb36a83a