www.loginask.com Open in urlscan Pro
104.21.19.203 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Submission: On September 15 via api (September 15th 2021, 4:07:18 am UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 116 HTTP transactions. The main IP is 104.21.19.203, located in and belongs to CLOUDFLARENET, US. The main domain is www.loginask.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.

This is the only time www.loginask.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.21.19.203 104.21.19.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.187.234 142.250.187.234	15169 (GOOGLE) (GOOGLE)
3	172.217.169.67 172.217.169.67	15169 (GOOGLE) (GOOGLE)
8	142.250.178.2 142.250.178.2	15169 (GOOGLE) (GOOGLE)
10	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	216.58.213.4 216.58.213.4	15169 (GOOGLE) (GOOGLE)
9	142.250.179.226 142.250.179.226	15169 (GOOGLE) (GOOGLE)
1	142.250.178.8 142.250.178.8	15169 (GOOGLE) (GOOGLE)
2	185.60.218.24 185.60.218.24	32934 (FACEBOOK) (FACEBOOK)
4	142.250.200.2 142.250.200.2	15169 (GOOGLE) (GOOGLE)
1	142.250.180.10 142.250.180.10	15169 (GOOGLE) (GOOGLE)
2	142.250.200.14 142.250.200.14	15169 (GOOGLE) (GOOGLE)
2	142.250.187.194 142.250.187.194	15169 (GOOGLE) (GOOGLE)
4	142.250.178.1 142.250.178.1	15169 (GOOGLE) (GOOGLE)
15	142.250.200.46 142.250.200.46	15169 (GOOGLE) (GOOGLE)
2	185.60.218.35 185.60.218.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.200.34 142.250.200.34	15169 (GOOGLE) (GOOGLE)
4	142.250.187.226 142.250.187.226	15169 (GOOGLE) (GOOGLE)
1 18	216.58.212.225 216.58.212.225	15169 (GOOGLE) (GOOGLE)
4	172.217.169.3 172.217.169.3	15169 (GOOGLE) (GOOGLE)
1 1	209.140.129.51 209.140.129.51	11643 (EBAY) (EBAY)
1	104.75.89.51 104.75.89.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.179.238 142.250.179.238	15169 (GOOGLE) (GOOGLE)
1	142.250.187.206 142.250.187.206	15169 (GOOGLE) (GOOGLE)
116	24

14 104.21.19.203 (None, )

ASN13335 (CLOUDFLARENET, US)

www.loginask.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.187.234 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.169.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.178.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.213.4 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr25s25-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.179.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.178.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.218.24 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-otp1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.200.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.10 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.200.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.187.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.178.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f1.1e100.net

e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.200.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.218.35 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.200.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.187.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 216.58.212.225 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr25s28-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.169.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s26-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.129.51 (United States) 1 redirects

ASN11643 (EBAY, US)
PTR: rover-public-rnoaz03-1-1.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-51.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.179.238 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f14.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.187.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f14.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com 1 redirects pagead2.googlesyndication.com e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com tpc.googlesyndication.com	420 KB
22	google.com 1 redirects www.google.com adservice.google.com fundingchoicesmessages.google.com	172 KB
14	loginask.com www.loginask.com	323 KB
11	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	208 KB
10	media.net contextual.media.net lg3.media.net	137 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com	167 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	9 KB
4	googletagservices.com www.googletagservices.com	141 KB
2	facebook.com www.facebook.com	404 B
2	google-analytics.com www.google-analytics.com	386 B
2	facebook.net connect.facebook.net	113 KB
1	ebaystatic.com secureir.ebaystatic.com	538 B
1	ebayadservices.com 1 redirects www.ebayadservices.com	594 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	440 B
1	googletagmanager.com www.googletagmanager.com	51 KB
116	16

	Domain	Requested by
18	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
15	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
14	www.loginask.com	www.loginask.com
9	pagead2.googlesyndication.com	www.loginask.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	contextual.media.net	www.loginask.com contextual.media.net
7	securepubads.g.doubleclick.net	www.loginask.com securepubads.g.doubleclick.net
5	www.google.com	1 redirects www.loginask.com tpc.googlesyndication.com e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
5	fonts.googleapis.com	www.loginask.com ajax.googleapis.com e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
4	www.gstatic.com	e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
4	e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
3	lg3.media.net	contextual.media.net
3	fonts.gstatic.com	fonts.googleapis.com
2	encrypted-tbn1.gstatic.com	e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
2	www.facebook.com
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	www.loginask.com connect.facebook.net
1	encrypted-tbn0.gstatic.com	e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
1	secureir.ebaystatic.com
1	www.ebayadservices.com	1 redirects
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.loginask.com
1	www.googletagmanager.com	www.loginask.com
116	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
pinterest.com
www.reddit.com
arvest.cardmanager.com
www.pinterest.com
loginask.tumblr.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.ebay.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-25` - `2022-08-25`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Frame ID: 8D69840882AE16ED40F7EEAA24751427
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 1382A51BD2353C187E5499C454983701
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUW5E86S&https=1&itype=CM
Frame ID: DA08F18D8918361109E450FC91827A1F
Requests: 1 HTTP requests in this frame

Frame: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EF7576ECE8622589B27D8487FFA0F99B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5258751771164045&output=html&adk=1812271804&adf=3025194257&lmt=1631678833&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631678832622&bpp=4&bdt=448&idt=183&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6663260546619&frm=20&pv=2&ga_vid=876521406.1631678833&ga_sid=1631678833&ga_hid=1032948873&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062524%2C31062527&oid=3&pvsid=4143300495475903&pem=185&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=419
Frame ID: E752CEB389CD89419FEB5B61CADB14B5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9E2CCADBD2129AFD533A7504B2C3011B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A1F4920C237E4E67B4F4CEEF8B93140A
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV75218.js
Frame ID: 5FBD45E6B9BD864D9D6B00EE565DCCCE
Requests: 7 HTTP requests in this frame

Frame: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 285349B50E6376CDCBAE61857B1C7F01
Requests: 5 HTTP requests in this frame

Frame: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4D8B7CE24F0D854B15E95D029E8CB98F
Requests: 18 HTTP requests in this frame

Frame: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 69FA34396678899335883EECBCE7DDA6
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2164308C497537296E96A02E3826C6FC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F9802392B81E786B70A10B2E1B55830F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

arvest.cardmanager.com Login Information, Account|Loginask

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

116
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

26
Subdomains

24
IPs

4
Countries

1745 kB
Transfer

4227 kB
Size

13
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=http://www.loginask.com/arvest-mobile-banking-online-sign-in-bank

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=http://www.loginask.com/arvest-mobile-banking-online-sign-in-bank

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=http://www.loginask.com/arvest-mobile-banking-online-sign-in-bank

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=http://www.loginask.com/arvest-mobile-banking-online-sign-in-bank

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=http://www.loginask.com/arvest-mobile-banking-online-sign-in-bank

Search URL Search Domain Scan URL

URL: https://arvest.cardmanager.com/?brand=SB7600VBSEC
Title: Go To Login Page

Search URL Search Domain Scan URL

URL: https://www.facebook.com/LoginAskcom-106096034893381

Search URL Search Domain Scan URL

URL: https://twitter.com/TLoginask

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/loginaskdotcom/

Search URL Search Domain Scan URL

URL: https://loginask.tumblr.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=1888868840&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704 HTTP 301
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Request Chain 99

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34sLimAEQgAkYgQkyCLhTVvxEnQYN HTTP 301
https://tpc.googlesyndication.com/simgad/2401371329490837093

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

116 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request arvest-mobile-banking-online-sign-in-bank Show response
www.loginask.com/ 34 KB
9 KB 3918ms
3880ms Document
text/html 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4889ea14062280806d1a3891f57c2d36f72bf1b26cda2ae833759be260b37e93

Security Headers

Name	Value
X-Frame-Options	ALLOW FROM https://www.google.com/

Request headers

:method: GET
:authority: www.loginask.com
:scheme: https
:path: /arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://www.google.com/
set-cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; expires=Wed, 15-Sep-2021 06:07:12 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D; expires=Wed, 15-Sep-2021 06:07:12 GMT; Max-Age=7200; path=/; httponly
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GK6TXcYXP95l3WN62MKmx6FA33EuSPq8i1FBGZnsxfF4S0C%2F0KubmtofBmXu2PnMvl7qyvo%2F8498tqs0ijtY52tX%2BEW%2Bl0gb%2FbVl%2FXZNrn0yXNIQOBisREDYVkxNUQK1M%2FFy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68eefc842e1c42db-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 plugins.min.css
www.loginask.com/css/ 29 KB
3 KB 16ms
15ms Stylesheet
text/css 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/css/plugins.min.css
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53cbe924173ea0ffba4559c1affe12b64ba2fc8f138d2f4fe56243be90aa3d4

Request headers

:path: /css/plugins.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 30085
age: 931934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 11 Jun 2021 04:53:30 GMT
server: cloudflare
etag: W/"60c2ec4a-7585"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMNqFJV8KwnQ0ONOMijf3NA9Jp%2FoCQaVPtXeHBB2mHHU5o77CKmDCNDLUoXDIHJT4z6f%2BclepfexRa%2BM7ZIYYDc%2F9%2BOUt1RCmpKT%2BzdywMVOdHB%2F1O%2BHD4eYnV8PcKmoYODP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 68eefc9d391d42db-FRA
expires: Sun, 04 Sep 2022 05:13:11 GMT

GET
H2 200 root.min.css
www.loginask.com/mix/ 54 KB
11 KB 20ms
19ms Stylesheet
text/css 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/mix/root.min.css
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a744e067dff8a30c1ccf9640126f24e23a726960acf65ea91530eafcc985b2

Request headers

:path: /mix/root.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 54798
age: 931934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"612d9512-d60e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4qrcBl3PmPphFZrQOXlHvnmzDJMs5%2FaF5y7saxmAsS8bSqYUU4J9o8Jc8%2F4erEAcrqmQHAr73TpFxUj5mYUnQrh9GlD3hbtXv8Idz088ifpswyavHVtbmz5ftaYw8a4kzAf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 68eefc9d391f42db-FRA
expires: Sun, 04 Sep 2022 09:10:33 GMT

GET
H2 200 index.min.css
www.loginask.com/mix/ 10 KB
3 KB 16ms
16ms Stylesheet
text/css 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/mix/index.min.css
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4daeba9e0b477683fe58414e70781c1e8ca24c3a3003b912815f824c1ea19c2

Request headers

:path: /mix/index.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: br
vary: Accept-Encoding User-Agent,Save-Data
cf-cache-status: HIT
x-original-content-length: 10080
age: 878697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-k7TQAjQeIS"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gucplgD0iyd%2FQBWSxFPssfKcFUGvS9mCRgZtahvuKWo%2F0fzXoV3wJlyI7m892AkhVXO4ux%2FzEYIuOaHTjc3dX2iUIUgCLXjBRFFpFDvwStUQSy5x48kRDk4%2FCNB7j1SUidr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2477000
cf-ray: 68eefc9d392142db-FRA
expires: Sun, 03 Oct 2021 16:05:31 GMT

GET
H2 200 font.min.css
www.loginask.com/mix/ 5 KB
2 KB 13ms
13ms Stylesheet
text/css 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/mix/font.min.css
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13082d88729f3f29f49a582a65ee1a8fe0cd899909b1c639915c9ada1da5e4a

Request headers

:path: /mix/font.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: br
vary: Accept-Encoding User-Agent,Save-Data
cf-cache-status: HIT
x-original-content-length: 5001
age: 878697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-R4kBezVDi1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEE4avYC7uFTd6f6fEZVtG3ugZw60RG%2BYJYSsbV%2BNoGIq31N9s0JMzSbGLuAwr%2F2SBJxzcL3HHCut5S6cQ25HDFSKo0KYEDu%2BaFDAGVApQu%2BBkZeflbMQXywd27%2BXwfHMqmt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31482503
cf-ray: 68eefc9d392242db-FRA
expires: Sun, 04 Sep 2022 09:10:34 GMT

GET
H2 200 invisible.js Show response
www.loginask.com/cdn-cgi/challenge-platform/h/g/scripts/ 44 KB
16 KB 96ms
95ms Script
text/javascript 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9627f6c06fd634e94588bdfec41d9dcb2289951551ab9a232104213487c85495

Request headers

:path: /cdn-cgi/challenge-platform/h/g/scripts/invisible.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr3QzfE0R4Q7OhZ1nDKkT6IrYKPQBF0fE5UjmQdvCqyCs66%2FED7zZEyu4KgkumFz5cAfFhhv%2Bk8W2dkbz9FObMLn2rM8TbAmqlQ4IWkdl1%2FihDmld9yf4pVZZWl07ySRqw9g"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 68eefc9d392542db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 loginask-logox200.png
www.loginask.com/img/logo/ 6 KB
6 KB 19ms
18ms Image
image/png 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.loginask.com/img/logo/loginask-logox200.png
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a90f674b9de9e0f29a760c072fb7dfa69b367768ba3b554ccba4dd72e410777

Request headers

:path: /img/logo/loginask-logox200.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 9027
age: 900221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5960
server: cloudflare
etag: W/"PSA-aj-fTHnymk6Ic"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heqZZqOKzhD2RNrVg%2FkIac6VwN5J0j%2FqxqEeB0FFirbh9FCwuJ%2BN6Gm85hyhoGF4DcHsXCVDQGuXqm4X16HO6roVqi8pKIBP5PueUz%2FrklulAQgzOBFiNL6c8%2BUegSGE03z3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2560103
accept-ranges: bytes
cf-ray: 68eefc9d392642db-FRA
expires: Mon, 04 Oct 2021 09:10:34 GMT

GET
H2 200 email-decode.min.js Show response
www.loginask.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loginask.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
etag: W/"61375a60-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uu%2FnAqyTTzyIzJI3SxZxe1WjJFGwsb6NyaV7oBOHL59SZtv95ohAGvpFPlHCS2BWZwJ5CEUqz4EevN5rE6bgFt%2BW4zrLGPx64vxvkiJEMqDaODXk4pwtn0XyZ4KUv4Hso8%2F2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68eefc9d392442db-FRA
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 04:07:12 GMT

GET
H2 200 noimage-loading.jpg
www.loginask.com/img/ 31 KB
31 KB 117ms
116ms Image
image/jpeg 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.loginask.com/img/noimage-loading.jpg
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53370bafd75423424df54b6243b1f4faee89f59141201ec22021b4d53b1debb

Request headers

:path: /img/noimage-loading.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "60bdd057-7a1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TnhWA3ktaY6H3Ycs%2FnoB9afvb7xKNrpJB1EAvC5z0LeZG2ljKphxfETVU7Na27typ1szVU9IczFYYurJCGY0eGg64lTDGTgF%2Bn9i9%2Ffl9EQZRr5a6m7US1PwtbA44cacVqm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, s-maxage=10
accept-ranges: bytes
cf-ray: 68eefc9d392742db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31261
expires: Fri, 15 Oct 2021 04:07:12 GMT

GET
H2 200 rocket-loader.min.js Show response
www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 9ms
9ms Script
application/javascript 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:26:08 GMT
server: cloudflare
etag: W/"61375a60-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKmKX9WqUnyaxV%2F7GwNy235sLY8UjWkV1FS%2FvchhQRmY%2FCf3SpGTD7qYyeooXZMpoUouMhpgu7booZO%2BtLkpshJMXjVledQgPheeWRbhgf95bdZONXixD5ncz0l1SN9M5nwK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68eefc9d392942db-FRA
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 04:07:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 108ms
37ms Stylesheet
text/css 142.250.187.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/mix/index.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f10.1e100.net

Software

ESF /

Resource Hash

0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:01:22 GMT
server: ESF
date: Wed, 15 Sep 2021 04:07:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 69ms
18ms Font
font/woff2 172.217.169.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.loginask.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 06:48:51 GMT
x-content-type-options: nosniff
age: 335901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 06:48:51 GMT

GET
H3 200 fa-solid-900.woff2
www.loginask.com/fonts/ 78 KB
79 KB 108ms
108ms Font
application/octet-stream 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/fonts/fa-solid-900.woff2?c500da19d776384ba69573ae6fe274e7
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/mix/font.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

sec-fetch-mode: cors
origin: https://www.loginask.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
:path: /fonts/fa-solid-900.woff2?c500da19d776384ba69573ae6fe274e7
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.loginask.com
referer: https://www.loginask.com/mix/font.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.loginask.com/mix/font.min.css
Origin: https://www.loginask.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80148
last-modified: Sat, 05 Jun 2021 16:26:29 GMT
server: cloudflare
etag: "60bba5b5-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Us5rhpmoRlCZzcJsOlAnlZ2A7UKUdtHWsrNoOytGLVGZlsOY0uFG8yvMxT8S5It4tdaTk7Hmz0CKvUTdmYEqt8yi9IU35ikA7rWFBVpiIlApn6cwxTv3fs8gQqWc%2Bg0ryYMq"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 68eefc9e08e4c2c2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-brands-400.woff2
www.loginask.com/fonts/ 76 KB
76 KB 122ms
122ms Font
application/octet-stream 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/fonts/fa-brands-400.woff2?cac68c831145804808381a7032fdc7c2
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/mix/font.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

sec-fetch-mode: cors
origin: https://www.loginask.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
:path: /fonts/fa-brands-400.woff2?cac68c831145804808381a7032fdc7c2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.loginask.com
referer: https://www.loginask.com/mix/font.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.loginask.com/mix/font.min.css
Origin: https://www.loginask.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77400
last-modified: Sat, 05 Jun 2021 16:26:29 GMT
server: cloudflare
etag: "60bba5b5-12e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DVCGw0KYZpmcPT56pUCLt20XowXpQPHkd6cBUA19kEcf%2B7Xi96Jd6oWcCYbzyKzwaxLYzroTnhKH4OhhDlk9qFqWMgwSE%2FsWTWSRaCy9wLeOWTQ06Thv7YOxxcncrG%2BmdkZ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 68eefc9e08e5c2c2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 plugins.min.js Show response
www.loginask.com/js/ 250 KB
78 KB 27ms
26ms Script
application/javascript 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/js/plugins.min.js
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883f29a19ff15d7a03ea6a2a82e0a1408790816649359f8a35935bc96e233a15

Request headers

:path: /js/plugins.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 256477
age: 878697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-COpoEk7-Pt"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL0V2GxKb042WlBPu0h7LW8W%2BUALdSiUEpesq%2Br98UONrcLOlOUZ6bXjT7mqkO%2FfDX2YPzhqsCNun%2FnuawJ1FLlbKkFrFfgx3eMOfLJ7lbpgXy%2BEhN7rUFXsd3VxfZUIOOeP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31535981
cf-ray: 68eefc9e38fac2c2-FRA
expires: Mon, 05 Sep 2022 00:01:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 83ms
34ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

6115059f2c4a2c8f61ae631a9c01930f18c12733d42f6773793cc347430ec90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "987 / 83 of 1000 / last-modified: 1631661562"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25023
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H3 200 index.min.js Show response
www.loginask.com/js/ 8 KB
3 KB 14ms
13ms Script
application/javascript 104.21.19.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.loginask.com/js/index.min.js
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ca63fe3357516272d00401cfe41ece37ad4cbcc0f5f742da268fb6aca609f9a

Request headers

:path: /js/index.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D; laravel_session=eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.loginask.com
referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-original-content-length: 8631
age: 675312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"PSA-aj-yRBJhYlJYH"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ie%2FNDb5HH7bV7q6O50XWlhvAa%2FTXk2Kq3Lr80EUZKyk7UTi%2BPVUs%2BKuKLOf%2FbpEl%2FIjUDMoNQXiZoJFjScoDGg2tdoN0DMf3BBSzF1WSQYjiPde4kfMCsnAjrlMxTCsGMgm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31535986
cf-ray: 68eefc9e38fcc2c2-FRA
expires: Wed, 07 Sep 2022 08:31:13 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 149 KB
50 KB 256ms
30ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUW5E86S

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

55dd34bf871f39e0c94051607c4a7bb3c7f9deb493646be4e7f729f6f729cd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-mnt-h: 8-18
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "6cb832bdd715e135fcebdcc92666ad29"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Wed, 15 Sep 2021 04:07:12 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-11
expires: Wed, 15 Sep 2021 04:12:12 GMT

GET
H2 200 ads.js Show response
www.google.com/adsense/search/ 148 KB
54 KB 101ms
38ms Script
text/javascript 216.58.213.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f4.1e100.net

Software

sffe /

Resource Hash

cd4be9c1bbc8fdfb849f860dc43f4075b9a9c7ac59ccba12d0e3e83ddeaa0d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
etag: "17766088756977623533"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-afs-ui"
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 87ms
36ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

a90780934d15fac1fbcd388e13b6260a1899ec1742bb1a3db91d1fb43a1794d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48937
x-xss-protection: 0
server: cafe
etag: 6802240111074278633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
51 KB 108ms
41ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MS3SWZ891Q

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5199304ab5d27ab9d7b973bd8b5bebee0c6c4b2b884a870b364a7a2a01799909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51683
x-xss-protection: 0
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 159ms
35ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: M6/oBef+z9DBV3+OmFO1Gok/9y6OnYBgRPNfqAnVoBCIDUTuoBkOVPTDU/YPWZp+6C/1qW0zStsnfNhXZnsMEA==
x-fb-trip-id: 1082456386
x-frame-options: DENY
date: Wed, 15 Sep 2021 04:07:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 64ms
33ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 144 B
132 B 71ms
36ms XHR
application/json 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.loginask.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

fa65a92caf1e42d5063b845d9c16dca6ee05d8549e9fdbc7c9ffe80069c56930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107
x-xss-protection: 0
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 251 KB
93 KB 69ms
45ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5258751771164045&plah=www.loginask.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

939d7bf90fd3a15a1bb8ef0d8ce7ccf6e7774dbff6829b4101d8269a282b656e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95049
x-xss-protection: 0
server: cafe
etag: 7171959250322627188
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 1382 10 KB
5 KB 189ms
18ms Document
text/html 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210908/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Sep 2021 18:19:09 GMT
expires: Tue, 28 Sep 2021 18:19:09 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 35283
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 165ms
18ms Script
text/javascript 142.250.180.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f10.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 21:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 14 Sep 2022 21:38:04 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
369 B 134ms
25ms Ping
text/plain 142.250.200.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MS3SWZ891Q&gtm=2oe9d0&_p=1032948873&sr=1600x1200&ul=en-us&cid=876521406.1631678833&_s=1&dl=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&dt=arvest.cardmanager.com%20Login%20Information%2C%20Account%7CLoginask&sid=1631678832&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MS3SWZ891Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.200.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr48s29-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 04:07:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1485977301784982 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 73ms
37ms Script
application/x-javascript 185.60.218.24
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1485977301784982?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-otp1.fbcdn.net

Software

Resource Hash

4a7123bd1622d5a4fd37f3e7ffda2a8551dc27990389e220d3f40e2152444c04

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89202
x-xss-protection: 0
pragma: public
x-fb-debug: qD1OMATJTSM/uDoy8x9Td4hJofx1DEvAQoVLNrlctiARX67zyY2wF1LX0DoW1V2MEvRn+hqWnS29PL/HrJlj5w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Sep 2021 04:07:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/513488111/ 78 KB
24 KB 469ms
469ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/513488111/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUW5E86S&cpcd=7IF0V1_rFgVDZHruKRUCeA%3D%3D&crid=648708063&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&nse=5&vi=1631678832538474419&ugd=4&nb=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUW5E86S

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

189509e99e4bd31036f216a02d47221b9b471e775da2eaffd4452fa40479fb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-1
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
date: Wed, 15 Sep 2021 04:07:13 GMT
x-mnt-w: 10-5, 10-9
content-length: 24480
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame DA08 15 KB
6 KB 17ms
17ms Document
text/html 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUW5E86S&https=1&itype=CM

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

717df14652123c35951a3c27185cadd70456c6f6c922be9650c6b45b3aa6f38b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUW5E86S&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sat, 19 Mar 2022 04:07:12 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Fri, 17 Sep 2021 04:07:12 GMT
date: Wed, 15 Sep 2021 04:07:12 GMT
content-length: 5706

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 5025ms
8ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRRE5KU4&cid=8CUW5E86S&crid=648708063&vi=1631678832538474419&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781042&r=1631678832730&requrl=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=33438&vgd_rakh=1631678832176171936&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p0799840541t202109150407&vgd_pgids=1&vgd_uspa=0&hvsid=00001631678832726036324930569545&gdpr=1&vgd_end=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 15 Sep 2021 04:07:17 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 15 Sep 2021 04:07:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 77ms
27ms Script
application/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.loginask.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 232 KB
42 KB 633ms
633ms XHR
text/plain 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4143300495475903&correlator=444297367318545&output=ldjh&impl=fifs&eid=31060439%2C31062366%2C31062220%2C31062524%2C31062527&vrg=2021091001&ptt=17&sc=1&sfv=1-0-38&ecs=20210915&iu_parts=93656639%2Cloginask.com%2Cloginask_interstitial%2Cloginask_title_search%2Cloginask_left_search&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=1x1%2C1024x768%7C768x1024%7C320x480%7C480x320%2C680x300%7C300x250%2C300x600&ists=8&fas=8%2C0%2C0%2C0&cookie_enabled=1&bc=31&abxe=1&lmt=1631678832&dt=1631678832775&dlt=1631678832174&idt=577&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-12245933%2C425%2C8&adys=-9%2C-12245933%2C326%2C78&adks=2079887725%2C3023750137%2C4294892253%2C3646272678&ucis=1%7C2%7C3%7C4&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1600x1330%7C750x250%7C400x616&msz=0x-1%7C1024x0%7C750x250%7C384x600&ga_vid=876521406.1631678833&ga_sid=1631678833&ga_hid=1032948873&ga_fc=false&fws=2%2C132%2C4%2C516&ohw=0%2C1600%2C1600%2C1600&btvi=-1%7C-1%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

c853c067ae554f5fd8d374a49b9706edc777ad85c38b1c96d0fa91673820cbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43129
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF75 6 KB
4 KB 104ms
25ms Document
text/html 142.250.178.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Sep 2021 04:07:12 GMT
expires: Thu, 15 Sep 2022 04:07:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ 39 KB
14 KB 38ms
38ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021091001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

34ecbed7b7a8a54fecc746fc9711f73b5c56698f06d36640c9e3a23b07b6cddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14156
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H2 200 ca-pub-5258751771164045 Show response
fundingchoicesmessages.google.com/i/ 93 KB
35 KB 110ms
60ms Script
application/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5258751771164045?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5258751771164045&plah=www.loginask.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

8d6d18f48c85508075824f7d7fd195cff24d9977bdbb3b4a2b47dfd2ff563763

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hdU9pQSafarK3X3MiNUKaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-hdU9pQSafarK3X3MiNUKaA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-hdU9pQSafarK3X3MiNUKaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-hdU9pQSafarK3X3MiNUKaA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
date: Wed, 15 Sep 2021 04:07:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
548 B 50ms
26ms Stylesheet
text/css 142.250.187.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f10.1e100.net

Software

ESF /

Resource Hash

0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:02:30 GMT
server: ESF
date: Wed, 15 Sep 2021 04:07:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 110ms
34ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1485977301784982&ev=PageView&dl=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&rl=&if=false&ts=1631678832886&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631678832885.1892984377&it=1631678832712&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 15 Sep 2021 04:07:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 47ms
21ms Font
font/woff2 172.217.169.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.loginask.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 06:48:51 GMT
x-content-type-options: nosniff
age: 335901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 06:48:51 GMT

POST
H3 204 AGSKWxVKQjiltF1F-fcjxJcmxHE9rIhuqResaZTMkFwByPxR2wR278QYfzWbABAwarpuUpHLqi8NJi4f7rUe_ZKD7gI= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 73ms
35ms XHR
text/html 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKQjiltF1F-fcjxJcmxHE9rIhuqResaZTMkFwByPxR2wR278QYfzWbABAwarpuUpHLqi8NJi4f7rUe_ZKD7gI=?pvid=57CB5A1B-A6F8-4DED-B684-490D4AD2A0B0&anonid=9A1A4BD5-993C-4332-8FEE-065F4D4C0754

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.fVk_UqJH9gU.es5.O/d=1/rs=AJlcJMy5mbjJEERC5Ejfx1UmkY-l0QUiPw/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tO6RQ5jwePlSjP2vR00rDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-tO6RQ5jwePlSjP2vR00rDg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-tO6RQ5jwePlSjP2vR00rDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-tO6RQ5jwePlSjP2vR00rDg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVKVin08j2mUQmpKYYoB4gpkbhgZJXooNoOaaTg2RPM2qXI-NHXZi9fx-IchLV-MeM7OaSJatZs7M43BBsFCj0= Show response
fundingchoicesmessages.google.com/f/ 65 KB
25 KB 87ms
49ms Script
application/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVKVin08j2mUQmpKYYoB4gpkbhgZJXooNoOaaTg2RPM2qXI-NHXZi9fx-IchLV-MeM7OaSJatZs7M43BBsFCj0=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxNjc4ODMzLDI0MDAwMDAwXSwiNTdDQjVBMUItQTZGOC00REVELUI2ODQtNDkwRDRBRDJBMEIwIiwiOUExQTRCRDUtOTkzQy00MzMyLThGRUUtMDY1RjRENEMwNzU0IixudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmxvZ2luYXNrLmNvbS9hcnZlc3QtbW9iaWxlLWJhbmtpbmctb25saW5lLXNpZ24taW4tYmFuayJd

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.fVk_UqJH9gU.es5.O/d=1/rs=AJlcJMy5mbjJEERC5Ejfx1UmkY-l0QUiPw/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

3fccfb3082b868d6de65a9f598bad6e4e947ff863848ca177be8945874112830

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RdTJE8uDdU5WmjQkd0SF/Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-RdTJE8uDdU5WmjQkd0SF/Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-RdTJE8uDdU5WmjQkd0SF/Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-RdTJE8uDdU5WmjQkd0SF/Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.fVk_UqJH9gU.es5.O/d=1/rs=AJlcJMy5mbjJEERC5Ejfx1UmkY-l0QUiPw/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e9M03Ms8IBA884JapyeVUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-e9M03Ms8IBA884JapyeVUQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-e9M03Ms8IBA884JapyeVUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-e9M03Ms8IBA884JapyeVUQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
440 B 36ms
30ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.loginask.com&callback=_gfp_s_&client=ca-pub-5258751771164045

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

4ade2e1da1541ca7a829992e9e886064dae168384b5c4225e99a1c08dda2a1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 101ms
33ms Script
application/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.loginask.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 66ms
27ms Script
application/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.loginask.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E752 25 KB
5 KB 204ms
179ms Document
text/html 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5258751771164045&output=html&adk=1812271804&adf=3025194257&lmt=1631678833&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631678832622&bpp=4&bdt=448&idt=183&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6663260546619&frm=20&pv=2&ga_vid=876521406.1631678833&ga_sid=1631678833&ga_hid=1032948873&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062524%2C31062527&oid=3&pvsid=4143300495475903&pem=185&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

cafe /

Resource Hash

3d86f67191ba243508ba7a40253f75c8d9eda257b270287dc02b653c48c5ca10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-5258751771164045&output=html&adk=1812271804&adf=3025194257&lmt=1631678833&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631678832622&bpp=4&bdt=448&idt=183&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6663260546619&frm=20&pv=2&ga_vid=876521406.1631678833&ga_sid=1631678833&ga_hid=1032948873&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062524%2C31062527&oid=3&pvsid=4143300495475903&pem=185&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=419
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 04:07:13 GMT
server: cafe
content-length: 5046
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 04:22:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 04:07:13 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 68ms
36ms XHR
application/json 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

2e23e2112b41c45a51ce100c204f0fd4759dfe3c958c5727f77c258e92c05d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8457
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 101ms
39ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

sffe /

Resource Hash

aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631547519045135"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 75ms
26ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 15 Sep 2021 04:07:13 GMT

POST
H3 204 AGSKWxUDBwTUdhqdrgw2JxEDCRFwVH5kQqkBwe3dY5rkmg1eJLRoc6lAu1N_mNsv-5S182QjZmra96fpevt1taiiy-2JVJ7cGS61Sdoar6puLuBN0-GEV0Cfj6rQgZx0waW7lRzXgKnYsOxjs0GHauIRexiyMB3QSC_7-eGBkrRoz5rW1m_u0MPTg3Gxz-xb Show response
fundingchoicesmessages.google.com/el/ 0
27 B 34ms
34ms XHR
text/html 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUDBwTUdhqdrgw2JxEDCRFwVH5kQqkBwe3dY5rkmg1eJLRoc6lAu1N_mNsv-5S182QjZmra96fpevt1taiiy-2JVJ7cGS61Sdoar6puLuBN0-GEV0Cfj6rQgZx0waW7lRzXgKnYsOxjs0GHauIRexiyMB3QSC_7-eGBkrRoz5rW1m_u0MPTg3Gxz-xb

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.9tX8M3J-e3k.es5.O/d=1/rs=AJlcJMwX20G_87spQmHA5qU3Nv5kr7aItg/m=iabccpawebsignalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dQmOw/Ync9urT1zWoeHXzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dQmOw/Ync9urT1zWoeHXzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-dQmOw/Ync9urT1zWoeHXzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dQmOw/Ync9urT1zWoeHXzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q57i8mZw9XmMF07tF4GcrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Q57i8mZw9XmMF07tF4GcrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Q57i8mZw9XmMF07tF4GcrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Q57i8mZw9XmMF07tF4GcrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUtDj9AY7G2c1Y853DtiTphlnAhN8eqZX_Xa0cmdf6tLQIQ2Pg8_u6jxfcx1Jd1RAdrvhflYe8kKbnkUmyYDBkGALyufBfajzZYYCWnMehpkboGY4twdYh4tC9FpuLF3rZN-mh0PpqNRGEshdMKov9PYaRnc60Bbrs6QL-xI8pMcmSg5vMv4E-Cbl8r Show response
fundingchoicesmessages.google.com/f/ 85 KB
31 KB 57ms
56ms Script
application/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUtDj9AY7G2c1Y853DtiTphlnAhN8eqZX_Xa0cmdf6tLQIQ2Pg8_u6jxfcx1Jd1RAdrvhflYe8kKbnkUmyYDBkGALyufBfajzZYYCWnMehpkboGY4twdYh4tC9FpuLF3rZN-mh0PpqNRGEshdMKov9PYaRnc60Bbrs6QL-xI8pMcmSg5vMv4E-Cbl8r?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxNjc4ODMzLDE0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cubG9naW5hc2suY29tL2FydmVzdC1tb2JpbGUtYmFua2luZy1vbmxpbmUtc2lnbi1pbi1iYW5rIl0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

bdbcf8525eb679d3308de9ffab9509f580edee3a58651017d8d80f22681e2f30

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PbATCbPz3AcgkxIP2wl+jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PbATCbPz3AcgkxIP2wl+jw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-PbATCbPz3AcgkxIP2wl+jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PbATCbPz3AcgkxIP2wl+jw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9E2C 12 KB
5 KB 157ms
17ms Document
text/html 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 14 Sep 2021 14:48:16 GMT
expires: Wed, 14 Sep 2022 14:48:16 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 47937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A1F4 783 B
534 B 166ms
28ms Document
text/html 216.58.213.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f4.1e100.net

Software

GSE /

Resource Hash

6d905ef73030456ba9c371c042c5ed7b15db76c7c9ff686b8fd5fc0e9c217458

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EQRJb+rBkglrk6TMn8qjbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 15 Sep 2021 04:07:13 GMT
date: Wed, 15 Sep 2021 04:07:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EQRJb+rBkglrk6TMn8qjbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 nrrV75218.js Show response
contextual.media.net/4a/ Frame 5FBD 91 KB
30 KB 23ms
22ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV75218.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUW5E86S

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7618768090e32848b3c5abce05975b4257482e32a4e7b608bfa1cdda9ab67c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "c53f2262e80694755622bcd133fd9789"
vary: Accept-Encoding
x-mnet-h: 10-7
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Wed, 15 Sep 2021 04:07:13 GMT
content-length: 30044
expires: Wed, 29 Sep 2021 04:07:13 GMT

GET
H2 200 1x1.gif
contextual.media.net/__media__/pics/800028474/ Frame 5FBD 42 B
205 B 10ms
10ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/800028474/1x1.gif

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
last-modified: Mon, 04 Jun 2018 10:04:19 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=1066631
accept-ranges: bytes
content-length: 42
expires: Mon, 27 Sep 2021 12:24:24 GMT

GET
DATA 200
OK truncated
/ Frame 5FBD 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5FBD 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Roboto-Regular.woff
contextual.media.net/__media__/fonts/Roboto-Regular/ Frame 5FBD 24 KB
25 KB 30ms
17ms Font
application/font-woff 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/Roboto-Regular/Roboto-Regular.woff

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.loginask.com/
Origin: https://www.loginask.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25020
expires: Thu, 16 Sep 2021 04:07:13 GMT

GET
H2 200 bullet13.woff
contextual.media.net/__media__/fonts/bullet13/ Frame 5FBD 2 KB
2 KB 35ms
23ms Font
application/font-woff 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet13/bullet13.woff

Requested by

Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.loginask.com/
Origin: https://www.loginask.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1692
expires: Thu, 16 Sep 2021 04:07:13 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 5FBD 15 B
216 B 4406ms
9ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001631678832726036324930569545&geo=50.12|8.68&dlper=25&lper=100&fp=wdNKVeXfzqfv5N_3t-AV9t-Sf3kqD6bNrIEQ-9rWKIB6BzQM6J4ybG_lpL12MC_ujcLzgHi4YO7FLgdyHaUQbmxbRqxpPM44DIoKUnKuy8bNYOA-CTzEJZsLa8pC_xKj&lpid=&tsid=1&q=&prv=&type=&ps=&cme=-qkzMpzS_SLC6x2BHG87rAZzBCfWToEmXvv6b0l8LWBIrIY5KQzRqfW5Wlz_RBpgt1lLcdteVZ6O33FBsAxWRwlZWMWMoGLZnLb7tAVbcYCgNP3mNtrmWPNwqx4GHOMcKcCB4TkQ8fgUrnRJl2YYeBsLjlJP8Mo3CwvmK6CtiXtkcBgFvU6q4Vm-KUaahMRiOcV_209goab4Y4tZM34pfnZ9iDe5uQ0Z%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CHxHl-Pawf_6GhOz9mQFOABywBgAcuz_ab9_U2bAGwZr49uKpM0A2Q1LmoWZNoMQgWND9Mkfpxqdxl5G9J81f4v1GoLVbfYAMTsoqvnkDbWg0wwuQrmrG8yDTRTfMrYhB%7CN7fu2vKt8_s%3D%7ChecQkeldXNJOpoyye_XpPcUnK09w2mRVy21YvV3Rmxi89jSA1n9CsEEIc8eIQuRF1HUwV_1q4MQfNbkdNd4ZKyKK4RutQy_UnClKXO8szJaUD-UwWTBX5_C482JdpCMLBkGwHaqyF6tLbejrAz_JLbodhA-f0KM5mvULsam2qIqTKe0YYXrBDwa03E-ba-bUYXxmePVeeVhfXeozQQ9jWA%3D%3D%7C&hint=&td=&cc=DE&wsip=2887305231&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=206&fdkt=240&kwd[]=Hot%20Stocks%20To%20Buy%20Now&kwt[]=240&kbc[]=c57a168271b61772c588847fffbf8e7d.d2s&kwp[]=1&kid[]=97172517&kbc2[]=rps%3D1.87%7C%7Cps%3D0.387%7C%7Crpc%3D1.19%7C%7Clvl%3D3.03&ktd[]=274911592704&kwd[]=10%20Best%20Stocks%20to%20Buy%20Now&kwt[]=240&kbc[]=c57a168271b61772c588847fffbf8e7d.d2s&kwp[]=2&kid[]=321595960&kbc2[]=rps%3D1.30%7C%7Cps%3D0.387%7C%7Crpc%3D0.27%7C%7Clvl%3D1.50&ktd[]=274911592704&kwd[]=Jim%20Cramer%20Stocks%20to%20Buy&kwt[]=240&kbc[]=c57a168271b61772c588847fffbf8e7d.d2s&kwp[]=3&kid[]=321298834&kbc2[]=rps%3D1.12%7C%7Cps%3D0.387%7C%7Crpc%3D0.24%7C%7Clvl%3D1.50&ktd[]=274911592704&kwd[]=Digital%20Marketing%20Tactics&kwt[]=240&kbc[]=c57a168271b61772c588847fffbf8e7d.d2s&kwp[]=4&kid[]=327518033&kbc2[]=rps%3D0.33%7C%7Cps%3D0.387%7C%7Crpc%3D0.19%7C%7Clvl%3D1.00&ktd[]=274894815488&kwd[]=Best%20Cyber%20Security%20Courses&kwt[]=240&kbc[]=c57a168271b61772c588847fffbf8e7d.d2s&kwp[]=5&kid[]=329872781&kbc2[]=rps%3D0.57%7C%7Cps%3D0.387%7C%7Crpc%3D0.27%7C%7Clvl%3D1.00&ktd[]=274894815488&rand=1631678833360&cid=8CUW5E86S&vwid=1631678832538474419&vi=1631678832538474419&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=HE&vgd_l1rakh=1631678832176171936&vgd_l1rhst=contextual.media.net&vgd_lhl=956&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1631678832726&upk=1631678833.10263&hvsid=00001631678832726036324930569545&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D33438&vgd_isiolc=1&pid=8PO4PUVE3&katen=1&pc=9&vgd_pgid=p0799840541t202109150407&matm=1631678833365&vgd_ltime=647&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D33438&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=HE&vgd_l1ch=1&vgd_katid=808060795&vgd_katbid=-21&vgd_kals=ttype%3D10017%7C%7Cpc%3D9&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305235&vgd_nrrsf=nrr&vgd_nrrv=75218&vgd_nrrs=75218&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-648708063%7CDIV&vgd_x_pos=1215&vgd_y_pos=125&vgd_ren_page_h=1331&vgd_cty=FRANKFURT&vgd_l1hcsd=A18%7C6026&vgd_sethcsd=A1%7C6120&vgd_cfud=210811&vgd_is_amp=0&vgd_optout=0&vgd_l2ch=0&vgd_ect=4g&vgd_rensize=370_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&requrl=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&oRurl=http%3A%2F%2Fcdn3e%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1631678832538474419%26esi%3D1%26size%3D300x250%26crid%3D648708063%26vpf%3D000%26cid%3D8CUW5E86S%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3D7IF0V1_rFgVDZHruKRUCeA%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8PO4PUVE3%26requrl%3Dhttps%253a%252f%252fwww.loginask.com%252farvest-mobile-banking-online-sign-in-bank%253fcid%253d60b138947d6bc05cfbcdfb57%26%26katid%3D808060795%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A370%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV75218.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 15 Sep 2021 04:07:17 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Wed, 15 Sep 2021 04:07:17 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 69ms
34ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1485977301784982&ev=Microdata&dl=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&rl=&if=false&ts=1631678833390&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22arvest.cardmanager.com%20Login%20Information%2C%20Account%7CLoginask%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22arvest.cardmanager.com%20Login%20Information%2C%20Account%7CLoginask%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631678832885.1892984377&it=1631678832712&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A1F4 0
0 45ms
45ms Image
text/html 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=4143300495475903&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s31-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E2C 35 KB
13 KB 18ms
18ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

sffe /

Resource Hash

eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 19:41:58 GMT

GET
H3 200 container.html Show response
e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2853 6 KB
3 KB 63ms
28ms Document
text/html 142.250.178.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Sep 2021 04:07:12 GMT
expires: Thu, 15 Sep 2022 04:07:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D8B 6 KB
3 KB 64ms
30ms Document
text/html 142.250.178.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Sep 2021 04:07:12 GMT
expires: Thu, 15 Sep 2022 04:07:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 69FA 6 KB
3 KB 66ms
33ms Document
text/html 142.250.178.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.loginask.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Sep 2021 04:07:12 GMT
expires: Thu, 15 Sep 2022 04:07:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 2853 4 KB
633 B 26ms
26ms Stylesheet
text/css 142.250.187.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f10.1e100.net

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:07:33 GMT
server: ESF
date: Wed, 15 Sep 2021 04:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2164 3 KB
578 B 26ms
26ms Stylesheet
text/css 142.250.187.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:01:17 GMT
server: ESF
date: Wed, 15 Sep 2021 04:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 2164 1 KB
857 B 18ms
17ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:38:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 2164 18 KB
7 KB 18ms
18ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 04:02:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 2164 2 KB
1 KB 18ms
18ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:42:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2164 125 KB
38 KB 53ms
29ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 2164 14 KB
6 KB 18ms
18ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 02:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 02:34:20 GMT

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 2164 26 KB
11 KB 67ms
18ms Script
text/javascript 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 00:31:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 03:10:06 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/ Frame 2853 17 KB
8 KB 17ms
17ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7656
x-xss-protection: 0
server: cafe
etag: 8352096984186353373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 23:23:11 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2853 205 B
294 B 84ms
38ms Image
image/png 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 02:52:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 436487
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
expires: Sat, 10 Sep 2022 02:52:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2853 604 B
926 B 83ms
38ms Image
image/png 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 22:44:19 GMT
x-content-type-options: nosniff
age: 19374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Sep 2022 22:44:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4D8B 2 KB
531 B 31ms
30ms Stylesheet
text/css 142.250.187.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f10.1e100.net

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:07:49 GMT
server: ESF
date: Wed, 15 Sep 2021 04:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 4D8B 1 KB
857 B 18ms
17ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:38:05 GMT

GET
H2

200

view_pixel_1x1.gif Show response
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 4D8B
Redirect Chain

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=1888868840&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

43 B
538 B

85ms
6ms

Fetch
image/gif

104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-0:80
x-ebay-pop-id: UFES2-SYD-irstatic-1
akamai-grn: 0.8b6656b8.1631678834.20ee4cf4
x-envoy-upstream-service-time: 154
content-length: 57
x-xss-protection: 1; mode=block
server: envoy
date: Wed, 15 Sep 2021 04:07:14 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9vjdq%60uebwh*yfpau%28rbpv6770-1756a790d4f-0xb4
access-control-allow-headers: *
expires: Thu, 15 Sep 2022 04:07:14 GMT

Redirect headers

date: Wed, 15 Sep 2021 04:07:13 GMT
server: ebay-proxy-server
x-ebay-pop-id: SLBRNOAZ03
strict-transport-security: max-age=31536000
location: https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
cache-control: private,no-cache,no-store
x-envoy-upstream-service-time: 140
rlogid: t6baubqsodf%3F%3Ctofgcp%60tqjfc*e%7D%605y%28rbpv6775-17be7a325b1-0x235a
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4D8B 0
0 39ms
38ms Fetch
text/html 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBBHIcHFBYfDQM42ZxgL4zJqAB9WKkuZkzMfQ__0Llf2fpoAYEAEgp8bnLGCVgoCAlAegAe2DzcEDyAEJqQJUzvh2M86zPuACAKgDAcgDmwSqBJgCT9BzJN8wsHXqrGS2OiwEIkfx778wSjnMv4E9d4D-dVRtIESOdxUUCdWPSdtyEhcAgcihNQLbHl3mzODdUohsiCOdszqmt5vnvyp_bioNvieG-Ae2NARxEx1CxZVeZlAKUdGvXpF_yZkvLf9R8hMQwC1vDSduWHZD3F3crF3KQvza8x2SEfv2ajl6nFWBedmKs5Jv7zFAHS-Nrrmz3TKRCp46i3mHglDPYXLdFmwy0Yuajfe9rpKeQpk8W5kr3sYWWrdYHIEdwMKPpJQa6KspWnYCdmh5G7IsKg-XqN9IJU65HMvUlqGJwBPLGzCAQnUNqNoHzcQU_eFmoGTWoegEBTI8Iyea5kVtPxju_WfwwsmBFfmUX0zJdsAE9oe3-8EC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_v7sj6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCE-yzSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2NzMyNTg2MjY1MTc3NTaACgPICwHYEwuIFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzAwMjQ5MTAwMjQwOTkxORiHrx0&sigh=MVP7Bwhyy0k&template_id=494
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr48s27-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 4D8B 18 KB
7 KB 18ms
17ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 04:02:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 4D8B 2 KB
1 KB 30ms
29ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:42:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D8B 125 KB
38 KB 63ms
51ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 4D8B 14 KB
6 KB 21ms
21ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 02:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 02:34:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4D8B 0
0 25ms
25ms Image
text/html 216.58.213.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOVBswV0jtRBWDxLZkQtZeRCOWWpcKupVS2wcnK2XS9XlV-Ex8K0-5t80nFZHHF0lkyJSbXw89ZlMDk0pxtZP3wDIomQ
Requested by: Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s25-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 4D8B 26 KB
11 KB 59ms
22ms Script
text/javascript 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 03:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 00:31:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 03:10:06 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 69FA 0
0 39ms
38ms Fetch
text/html 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKXZncHFBYfHQM42ZxgL4zJqAB4qKtMth8sDg7boNqc2OgJQOEAEgp8bnLGCVgoCAlAegAZ2w7qEDyAECqQJUzvh2M86zPuACAKgDAcgDmQSqBKQCT9Be9pn9_tkcMEFoZtNCQ8kGfL6jphDAX9If7gngLWXD_CuLe2OF-fdY1IgeH2I4cJFge2Bts5HaKUs9JwAZVdUcPR6ifY_UfZHw1ROwyKQmWe2oa_4kyrIycz4GIPGAwrtW3iuNJYU3ifHhHu0N5qoi5cJ4m7AfeMQX_gPupdTOb9EzddOTkPxZP83vAlV3f0JtZz7zGKHfhbif-Pi8AwEpQJbgeS9OLpNmNLSVWZ90FmhXCq24_qq-WlWWqH800uuCUW1j82Ym1rOAJMWSKl3m1tkCQsfaj9FZn0qfznzStaa_34uBg64qFqyr12I5pm9YoxDQvGXGMSa8aNcs_F3LOLnV9syz4aQWi0xXNKDTporFj31_vQe4lruZuuncmpNgUsAEmpmaw-sB4AQBkgUECAQYAZIFBAgFGASgBgKAB_W0m16oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEJOnGdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY3MzI1ODYyNjUxNzc1NoAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi03MDAyNDkxMDAyNDA5OTE5GIevHQ&sigh=-Qs44f2uXp4
Requested by: Host: www.loginask.com
URL: https://www.loginask.com/arvest-mobile-banking-online-sign-in-bank?cid=60b138947d6bc05cfbcdfb57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr48s27-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 69FA 18 KB
7 KB 21ms
21ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 04:02:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 69FA 2 KB
1 KB 26ms
25ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:42:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69FA 125 KB
38 KB 52ms
44ms Script
text/javascript 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 04:07:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 69FA 14 KB
6 KB 22ms
20ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 02:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 02:34:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 69FA 0
0 27ms
24ms Image
text/html 216.58.213.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1SncImi53Qc_mdiCGLnI7WgcNfR_UI3iJjF32XdbaTNQwwTalpz-dhUCfOCcWuDQYB6PN4NpXzIV-eRd5fCv45h0W0A
Requested by: Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.213.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s25-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 69FA 26 KB
11 KB 25ms
23ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

cafe /

Resource Hash

68c0963132a718fb55a75766463363f92c5e418d2352ca29752150df50708a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 13:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10868
x-xss-protection: 0
server: cafe
etag: 12321585598139428879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 13:57:08 GMT

GET
H3 200 11150108107755908711
tpc.googlesyndication.com/simgad/ Frame 69FA 43 KB
43 KB 29ms
27ms Image
image/png 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11150108107755908711?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmUSM4H1nMZ8q6sP-kjgUZDQePipQ

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

sffe /

Resource Hash

379728be2d7795529aeed2b55757fc1e6b00aa0513d0c2ca395e5810d14adcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:08:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 11:22:30 GMT
server: sffe
age: 262730
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43928
x-xss-protection: 0
expires: Mon, 12 Sep 2022 03:08:23 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4D8B 44 KB
44 KB 108ms
40ms Image
image/jpeg 142.250.179.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQgW45Kd6vPX38SHqZ8iAcjS93VU24yJBCCnvvAyaWpDJaKDUypdFLHquqdHA&usqp=CAI

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f14.1e100.net

Software

sffe /

Resource Hash

b219fa166f2c854b27eb102e8a61552277a0758045f48c49a73aad9ba7208736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 06:29:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 02 Aug 2019 18:43:18 GMT
server: sffe
age: 164256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45388
x-xss-protection: 0
expires: Tue, 13 Sep 2022 06:29:37 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4D8B 18 KB
18 KB 70ms
20ms Image
image/jpeg 142.250.187.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRN4rcR-Bn_D5VQzGbIdwZjUpGccBvMJfzf_FP5oZxhUoB5f9Q&usqp=CAI

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f14.1e100.net

Software

sffe /

Resource Hash

bf38412c603e0271caca4bb836b6cef517bf17ff6509fe8d84377c7f0b0e53ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:24:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Aug 2021 01:49:36 GMT
server: sffe
age: 261747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18333
x-xss-protection: 0
expires: Mon, 12 Sep 2022 03:24:46 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4D8B 29 KB
30 KB 86ms
19ms Image
image/jpeg 142.250.179.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQN9xHwgjIIW10QwFy6bV009hesX0VbnyI1NEb3r04-LT8p1f0&usqp=CAI

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f14.1e100.net

Software

sffe /

Resource Hash

944826e0abcde22f077a1de2970b30f3033e75a6d66b57db7e675c8adef20244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:08:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Dec 2020 08:39:58 GMT
server: sffe
age: 507521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29792
x-xss-protection: 0
expires: Fri, 09 Sep 2022 07:08:32 GMT

GET
H3

200

2401371329490837093
tpc.googlesyndication.com/simgad/ Frame 4D8B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34sLimAEQgAkYgQkyCLhTVvxEnQYN
https://tpc.googlesyndication.com/simgad/2401371329490837093

98 KB
98 KB

18ms
18ms

Image
image/jpeg

216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2401371329490837093

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f1.1e100.net

Software

sffe /

Resource Hash

270be58b040d0b59d87a4deea0ca09e1b49916b84858005cd3e3e1f2d302ba32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:04:35 GMT
x-content-type-options: nosniff
age: 432158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100649
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:23:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 04:04:35 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 22:51:40 GMT
x-content-type-options: nosniff
server: cafe
age: 18933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2401371329490837093
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Oct 2021 22:51:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F980 143 B
163 B 19ms
18ms Document
text/html 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Sep 2021 04:02:00 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=4143300495475903&bg=!BwSlBEDNAAYT0U73E9E7ACkAdvg8WvTZIzVqEY3o4434dfoaPP6h2HvFSYHPPVmKXgokgdmBgNK5HQIAAADCUgAAADloAQcKADBi1mLr0uGdGoxCSCsx4zeWDsakI1_3oRQG8Pa6BC8XnOK4D9D6Bxr-qPg7TWPEh0yZAovL-qSu-lhhl2toTO2KN6Bgw8LPspyDuXvhZo9bXhIW_ihWKUdry8v7J9EyU86jSMI5KaJDhg5ZqgGafeeQdx_8tNvB_Dy4jgcmUR_emQuT1C1GFyIWEJ1qsvAKWtR3-KAgMhTvtcGbPvrn18eSb8pyNlCLmSNSBjS7nTNtW4LjvsNoZIc9KOiNjtvLF77z4-d108c2RmCzkIuNQ-Ke66yFTXKJYMrwCIsVGa6W6KF9fwmmRVyl0ovfgSc0S4UilnerAvfjM2tJGbaIzsAF_cVhUN-5duwYUuLKXIyB7v7IeHE86152ikHY63NDekQGoorwpqBamPayaASad-eikLwuzf-GMz5xKGp7e4Lv7GH5nTB0WEteq-jAPr3qvwXcA3YVBQ-HVl-R2ezWY6Lnc1tCUdUdYIU_ZsJM0n7rmCgru7yALyKUydSk_f9Hi30trCdB2D2TX-rZQ80m8VfGCPJpAZ5gCb0sY39Y_u53Wa-K3YHUrVPIk3Hh04rS6_0Dabds5MonKq3o7DooiDv66HzlEgUaqKUfxoak4_icC1RLEXi0qFESF_URVphzewjDZKmsRPybzevRnQxXZyD7hJ0X_Q16aa7tJ_bNIBGOXOSbAqqHmb-Fzxs-vgp9sUMzZkD18I85teIffG2oq-52dyxyp04u5kiPdD-HCVkNJInViE-rQPVgDXaEMOu3icRyWIn0XDMqep0IB7FZwU9gDrN6VbymnQiOOjUDG9fFyPbxIodnsFnF9pXyXFu6tE60klBvAsaEECOVsDWe96GJv2DzluBwGAq7bMLIKMfpx-EDO5PZxpFEmFv2Xn8nrqGjhqFW-lG8wJEjGoX75if661F1balhLd0VNBK4wHc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 04:07:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F980
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

26ms
25ms

Document
text/html

142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
URL: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmGVvlQJQgZ-1A6Bp1KzNcrQvd2AWb9cnHIl84IBmFCeCxxHWE8ELcZDmSBTOI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 04:07:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 15-Sep-2021 05:07:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 04:07:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 04:07:13 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 69FA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 185da1b39615dd5eadfaf0df689205ac356661a920331c321631f20b0ec66a2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4D8B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bc6969e4c103cf0ace47c849f232be2dd457493d7ffd4e892b926d0d0f34016

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 4D8B 20 KB
20 KB 20ms
20ms Font
font/woff2 172.217.169.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f3.1e100.net

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 12:56:10 GMT
x-content-type-options: nosniff
age: 227463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 12:56:10 GMT

GET
H3 200 oascontroller.,728x90, Show response
fundingchoicesmessages.google.com/f/AGSKWxWkNXbxFCH4qYemEovI--SmRY5OdGNpelMq2FA4lR8mouZV5hIjR7sm-I1csfvSEFUW-7cwkHDjnWi10reD7A1Lza9oXD1BCBEwcvt_kOSs2JuhtjrulXi1fULq8dcIRWy4qzCouZ8-hP6xG76XO3bIntGpn... 54 B
107 B 34ms
33ms Script
application/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkNXbxFCH4qYemEovI--SmRY5OdGNpelMq2FA4lR8mouZV5hIjR7sm-I1csfvSEFUW-7cwkHDjnWi10reD7A1Lza9oXD1BCBEwcvt_kOSs2JuhtjrulXi1fULq8dcIRWy4qzCouZ8-hP6xG76XO3bIntGpnfdMRwIhALq__PGb-2BrdUnD4putCtDh92f54A5tYvSn1EqSAqDFfgFKDRxps8NlCVGDKLr4rU7ey0EEnUI=/_/partnerbanner./getadcontent./leftad_/oascontroller.,728x90,

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.569LMJ-zT2A.es5.O/d=1/rs=AJlcJMxf1fUZaP8HwMT9JN0u3p7fRkfR5A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

6d5366b1c02ab3dbe1b4ddbf0dd589f41c5bac463deb2f9c383d61d358cde75b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zTmMYsXEVX5EdzqyvPAhqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-zTmMYsXEVX5EdzqyvPAhqg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-zTmMYsXEVX5EdzqyvPAhqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-zTmMYsXEVX5EdzqyvPAhqg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 72 KB
27 KB 19ms
18ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.569LMJ-zT2A.es5.O/d=1/rs=AJlcJMxf1fUZaP8HwMT9JN0u3p7fRkfR5A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

37f76058b57e779a8cca49136023ff354d4b32ed6c3a930b3be6a0b987a09b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
server: cafe
etag: 13043736828238691780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 05:02:50 GMT

POST
H3 204 AGSKWxW9DGwcyhig_aFyxBMYJCHr8cLHMXaSxAno6-MErleJOchtAgQRFpM4_yB-e8bv4O6YKD1VTwHi1Ikk5p6deCk6pcCNtDImHcw35jANfDN6f1z_oIbvKTG7fb1X0oJzIovcUTPUIfao1StkCltJufbFByJRKm0YjQxjcFznSgJDksWGlnN4p7aZEOgH Show response
fundingchoicesmessages.google.com/el/ 0
26 B 37ms
36ms XHR
text/html 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW9DGwcyhig_aFyxBMYJCHr8cLHMXaSxAno6-MErleJOchtAgQRFpM4_yB-e8bv4O6YKD1VTwHi1Ikk5p6deCk6pcCNtDImHcw35jANfDN6f1z_oIbvKTG7fb1X0oJzIovcUTPUIfao1StkCltJufbFByJRKm0YjQxjcFznSgJDksWGlnN4p7aZEOgH

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.569LMJ-zT2A.es5.O/d=1/rs=AJlcJMxf1fUZaP8HwMT9JN0u3p7fRkfR5A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cY6b/Ix6DJyIaE8L51fWaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-cY6b/Ix6DJyIaE8L51fWaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-cY6b/Ix6DJyIaE8L51fWaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-cY6b/Ix6DJyIaE8L51fWaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.569LMJ-zT2A.es5.O/d=1/rs=AJlcJMxf1fUZaP8HwMT9JN0u3p7fRkfR5A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2zyX/kU0ZWb/mZQxNZ1B2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-2zyX/kU0ZWb/mZQxNZ1B2Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:13 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-2zyX/kU0ZWb/mZQxNZ1B2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-2zyX/kU0ZWb/mZQxNZ1B2Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.569LMJ-zT2A.es5.O/d=1/rs=AJlcJMxf1fUZaP8HwMT9JN0u3p7fRkfR5A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T48raDgOUSG9ZQH1j6VobA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-T48raDgOUSG9ZQH1j6VobA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:14 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-T48raDgOUSG9ZQH1j6VobA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-T48raDgOUSG9ZQH1j6VobA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVvxhsjCM-tozU-BLIaqc7wA9AZrwNZnXzGMHyuAD_wzLfP-lpjDhSBCuEBIO03NI5AUJJLx8OVSb2lerlCgzfzvfcyWgp_G2A-JZ3sZyFeDtnIbdiLvOf5Zlp80sPPV3tPuHgo2BrQq_d389gJNoteV35YpGpaqFNRtTYPBmDvXUEJjdVCLe5ZZMYh Show response
fundingchoicesmessages.google.com/f/ 70 KB
25 KB 57ms
56ms Script
application/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVvxhsjCM-tozU-BLIaqc7wA9AZrwNZnXzGMHyuAD_wzLfP-lpjDhSBCuEBIO03NI5AUJJLx8OVSb2lerlCgzfzvfcyWgp_G2A-JZ3sZyFeDtnIbdiLvOf5Zlp80sPPV3tPuHgo2BrQq_d389gJNoteV35YpGpaqFNRtTYPBmDvXUEJjdVCLe5ZZMYh?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxNjc4ODMzLDk3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsMTAsNl1dLCJodHRwczovL3d3dy5sb2dpbmFzay5jb20vYXJ2ZXN0LW1vYmlsZS1iYW5raW5nLW9ubGluZS1zaWduLWluLWJhbmsiXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.569LMJ-zT2A.es5.O/d=1/rs=AJlcJMxf1fUZaP8HwMT9JN0u3p7fRkfR5A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

c9edea5b7bf15fca4c602a29206c9681b2793ecca562c053634eab5d776fe284

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sPiPhpTM9UY3rI8HSE5iLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-sPiPhpTM9UY3rI8HSE5iLw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 04:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-sPiPhpTM9UY3rI8HSE5iLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-sPiPhpTM9UY3rI8HSE5iLw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.569LMJ-zT2A.es5.O/d=1/rs=AJlcJMxf1fUZaP8HwMT9JN0u3p7fRkfR5A/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1G0VaRiv8A8Tf5361h5L7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1G0VaRiv8A8Tf5361h5L7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:14 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-1G0VaRiv8A8Tf5361h5L7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1G0VaRiv8A8Tf5361h5L7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUuHJqG3jlXCHbh2olzBqAvtOMM5EoWpPpuEv-2ZYj1eYfQHTqhLZ66dqihPqvnrN5e9pKknjzQNII0bm7ocJV3jchvFcGGlgRSof0I2GafNzU7aNW_k_p91cpSZRdHAdhXc_0ceRRcGzINMEy3dcQLlRhs0bF1zczl8581RunkxF-7IQkkQwM59h_q Show response
fundingchoicesmessages.google.com/el/ 0
27 B 38ms
38ms XHR
text/html 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUuHJqG3jlXCHbh2olzBqAvtOMM5EoWpPpuEv-2ZYj1eYfQHTqhLZ66dqihPqvnrN5e9pKknjzQNII0bm7ocJV3jchvFcGGlgRSof0I2GafNzU7aNW_k_p91cpSZRdHAdhXc_0ceRRcGzINMEy3dcQLlRhs0bF1zczl8581RunkxF-7IQkkQwM59h_q

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.2Tz5orR2mnM.es5.O/d=1/rs=AJlcJMx69u2mjWYyo5jOLpeSmuVIVH6NEg/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d0dUHdrZCQ9a1eG99tV4tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-d0dUHdrZCQ9a1eG99tV4tA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:14 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-d0dUHdrZCQ9a1eG99tV4tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-d0dUHdrZCQ9a1eG99tV4tA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4B9gh+vgGg3nT1AtH/Yoqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-4B9gh+vgGg3nT1AtH/Yoqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Sep 2021 04:07:14 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-4B9gh+vgGg3nT1AtH/Yoqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-4B9gh+vgGg3nT1AtH/Yoqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 3539ms
10ms Image
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO4PUVE3&katid=808060795&kals=ttype%3D10017%7C%7Cpc%3D9&katen=1&pc=9&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=-qkzMpzS_SLC6x2BHG87rAZzBCfWToEmXvv6b0l8LWBIrIY5KQzRqfW5Wlz_RBpgt1lLcdteVZ6O33FBsAxWRwlZWMWMoGLZnLb7tAVbcYCgNP3mNtrmWPNwqx4GHOMcKcCB4TkQ8fgUrnRJl2YYeBsLjlJP8Mo3CwvmK6CtiXtkcBgFvU6q4Vm-KUaahMRiOcV_209goab4Y4tZM34pfnZ9iDe5uQ0Z||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|HxHl-Pawf_6GhOz9mQFOABywBgAcuz_ab9_U2bAGwZr49uKpM0A2Q1LmoWZNoMQgWND9Mkfpxqdxl5G9J81f4v1GoLVbfYAMTsoqvnkDbWg0wwuQrmrG8yDTRTfMrYhB|N7fu2vKt8_s=|hecQkeldXNJOpoyye_XpPcUnK09w2mRVy21YvV3Rmxi89jSA1n9CsEEIc8eIQuRF1HUwV_1q4MQfNbkdNd4ZKyKK4RutQy_UnClKXO8szJaUD-UwWTBX5_C482JdpCMLBkGwHaqyF6tLbejrAz_JLbodhA-f0KM5mvULsam2qIqTKe0YYXrBDwa03E-ba-bUYXxmePVeeVhfXeozQQ9jWA==|&gdpr=1&prid=8PRRE5KU4&cid=8CUW5E86S&crid=648708063&requrl=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&vi=1631678832538474419&ugd=4&cc=DE&sc=HE&startTime=1631678832719&l2type=setting&vgd_l1rakh=1631678832176171936&l1ch=1&sttm=1631678832726&upk=1631678833.10263&hvsid=00001631678832726036324930569545&verid=3121199&vgd_sc=HE&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!A18|6026&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&cl=%7B%7D&l2ch=0&l2wsip=2887305235&sethcsd=set!A1%7C6120&vgd_pgid=p0799840541t202109150407&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.loginask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 15 Sep 2021 04:07:17 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Wed, 15 Sep 2021 04:07:17 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 69FA 42 B
64 B 40ms
37ms Fetch
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv37qpsh5gsPm2H6A_2IwkoCGuYHuYSS6VThnMIcfnvBpjNwnBkPKG0QPxLeRN98xNE1wsgYxs33XdxI42Z1ix1I49zX4zFrMNdNn6c1AyiBJqPOb6Ltg&sai=AMfl-YQZlY6JHuaExSr9gY9IXJ_uw1iaHKGNpcUX6Pc1QckNb5Ue_uIQOlwf6EL13lwm6hSAyxl7IMBMUasacjaaD7zjBBTG22iJuHl6maX0nNKbVKdlDj1Xjrkt-Ca5B8yS&sig=Cg0ArKJSzD7zyXLtoZbhEAE&id=lidar2&mcvt=1000&p=78,50,678,350&asp=78,50,678,350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210913&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3646272678&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631678833513&rpt=310&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 04:07:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4D8B 42 B
64 B 44ms
44ms Fetch
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvh8jfjikz5sUxZZV1jz7dJuIxRdsE5Z9yeSVLFMsMdn5gjpOXp4gi-Lx1iy_rg7z13EH43z8_4EJFBR2VdftQM4s-M1AnHeWyOVL-hQbxe8QvrhDKUbKP109naPvwTsHQLwRNY_CEGkj2&sai=AMfl-YRajLYlMcWn01bUu4jYDizfe9-57v8Nw6f4PDqldDqfd6OY7gHYcg-QMd_LdGPfuce9K3F-nq9qc1DTcdHrcI9HIWtA8HtVA7_Feg5eCco1HkAB8FmJ-mOOAuZp-uKK&sig=Cg0ArKJSzOjKe3CNp5azEAE&id=lidar2&mcvt=1000&p=326,460,626,1140&asp=326,460,626,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210913&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4294892253&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631678833507&rpt=370&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 04:07:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 50ms
25ms Ping
text/plain 142.250.200.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MS3SWZ891Q&gtm=2oe9d0&_p=1032948873&sr=1600x1200&ul=en-us&cid=876521406.1631678833&_s=2&dl=https%3A%2F%2Fwww.loginask.com%2Farvest-mobile-banking-online-sign-in-bank%3Fcid%3D60b138947d6bc05cfbcdfb57&dt=arvest.cardmanager.com%20Login%20Information%2C%20Account%7CLoginask&sid=1631678832&sct=1&seg=0&en=scroll&_et=88&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MS3SWZ891Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.200.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr48s29-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.loginask.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 04:07:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.loginask.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ebayadservices.com/marketingtracking/v1	1970-01-19 23:24:14	Name: adguid Value: 4d6dde2ac7ea4edb88c2902f18de8b92
www.loginask.com/	1970-01-19 21:14:46	Name: XSRF-TOKEN Value: eyJpdiI6ImFqUDlpcTE1VFRjZ09cLzV3d0pnczN3PT0iLCJ2YWx1ZSI6IkVvVlJnUXRuTXFQdmxMMUMrelJ5WEJ1RHRzUU05ZlVuVlVsMFwveGgxMzhKajVLZFliTzNkd0poVmRqQ01JXC80ZiIsIm1hYyI6ImQxZDI3MDNmZGZlYTJlMTgxZGFhZTk1YjVjOTdhZDlkMzI0MTFmMGE2ZTVkYWE5OWUyMDM2ZGE2ZjZlYjJmNjUifQ%3D%3D
www.loginask.com/	1970-01-19 21:14:46	Name: laravel_session Value: eyJpdiI6IlFDUzlhK25GSUdhRG53Y0JEcVRsbnc9PSIsInZhbHVlIjoiT0pQUmtVVWZyWnBoQmQxa0xQQW5lZGhKeUF1WmRoWm9WeHhsVUJLMHczRWVKSHNcL1kzVkY1UlQrXC9icDRsY1wvYyIsIm1hYyI6IjhkZjg5OGFkN2QzMTEwMDc4NTk2MWQ4NTJlOGIwY2MyODk0MTZmMTZkMGM2YWIwOWI0ZThiNGUzOTI2ZWJkMmUifQ%3D%3D
.media.net/	1970-01-20 01:41:02	Name: gdpr_status Value: 1
.loginask.com/	1970-01-20 14:45:50	Name: _ga_MS3SWZ891Q Value: GS1.1.1631678832.1.0.1631678832.0
.loginask.com/	1970-01-20 14:45:50	Name: _ga Value: GA1.1.876521406.1631678833
www.loginask.com/	1970-01-19 21:14:40	Name: session_depth Value: www.loginask.com%3D1%7C648708063%3D1
.loginask.com/	1970-01-19 23:24:14	Name: _fbp Value: fb.1.1631678832885.1892984377
.loginask.com/	1970-01-20 06:36:14	Name: __gads Value: ID=f53afada704e4b2e-223dc7e924cb0048:T=1631678832:S=ALNI_MazHOQ_NFnBMnc2SM7WHY5PRsml_g
.doubleclick.net/	1970-01-20 06:36:14	Name: IDE Value: AHWqTUmGVvlQJQgZ-1A6Bp1KzNcrQvd2AWb9cnHIl84IBmFCeCxxHWE8ELcZDmSBTOI
.doubleclick.net/	1970-01-19 21:14:42	Name: DSID Value: NO_DATA
.loginask.com/	1970-01-20 06:36:14	Name: FCCDCF Value: [["AKsRol9kH41ymF-TfN-cbOtzodjimCMVYNotBYGs1saCuX63KC2b_XjAAYvxwVTy5cLCqGsGF66AbPWzallvyFPvkaXgtv2iEhNBn6KZKhDxcJ6cdEDw4MOTqBQPdUAlhdHPnjgNuJKJF0KJ-KFRHcvpuCGDdu4sfg=="],null,["[[],[],[],[],null,null,true]",1631678833004],null,null]
.loginask.com/	1970-01-20 06:00:14	Name: FCNEC Value: [["AKsRol9kH41ymF-TfN-cbOtzodjimCMVYNotBYGs1saCuX63KC2b_XjAAYvxwVTy5cLCqGsGF66AbPWzallvyFPvkaXgtv2iEhNBn6KZKhDxcJ6cdEDw4MOTqBQPdUAlhdHPnjgNuJKJF0KJ-KFRHcvpuCGDdu4sfg=="]]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOW FROM https://www.google.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
connect.facebook.net
contextual.media.net
e46bdb8fdb27dcb55b30b30a8b621ff5.safeframe.googlesyndication.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
lg3.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
secureir.ebaystatic.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.ebayadservices.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.loginask.com
104.21.19.203
104.75.89.51
142.250.178.1
142.250.178.2
142.250.178.8
142.250.179.226
142.250.179.238
142.250.180.10
142.250.187.194
142.250.187.206
142.250.187.226
142.250.187.234
142.250.200.14
142.250.200.2
142.250.200.34
142.250.200.46
172.217.169.3
172.217.169.67
184.30.24.22
185.60.218.24
185.60.218.35
209.140.129.51
216.58.212.225
216.58.213.4
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185da1b39615dd5eadfaf0df689205ac356661a920331c321631f20b0ec66a2d
189509e99e4bd31036f216a02d47221b9b471e775da2eaffd4452fa40479fb9b
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
270be58b040d0b59d87a4deea0ca09e1b49916b84858005cd3e3e1f2d302ba32
2e23e2112b41c45a51ce100c204f0fd4759dfe3c958c5727f77c258e92c05d9d
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
34ecbed7b7a8a54fecc746fc9711f73b5c56698f06d36640c9e3a23b07b6cddf
379728be2d7795529aeed2b55757fc1e6b00aa0513d0c2ca395e5810d14adcec
37f76058b57e779a8cca49136023ff354d4b32ed6c3a930b3be6a0b987a09b8f
3a90f674b9de9e0f29a760c072fb7dfa69b367768ba3b554ccba4dd72e410777
3ca63fe3357516272d00401cfe41ece37ad4cbcc0f5f742da268fb6aca609f9a
3d86f67191ba243508ba7a40253f75c8d9eda257b270287dc02b653c48c5ca10
3fccfb3082b868d6de65a9f598bad6e4e947ff863848ca177be8945874112830
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4889ea14062280806d1a3891f57c2d36f72bf1b26cda2ae833759be260b37e93
4a7123bd1622d5a4fd37f3e7ffda2a8551dc27990389e220d3f40e2152444c04
4ade2e1da1541ca7a829992e9e886064dae168384b5c4225e99a1c08dda2a1c7
4bc6969e4c103cf0ace47c849f232be2dd457493d7ffd4e892b926d0d0f34016
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5199304ab5d27ab9d7b973bd8b5bebee0c6c4b2b884a870b364a7a2a01799909
55dd34bf871f39e0c94051607c4a7bb3c7f9deb493646be4e7f729f6f729cd95
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6115059f2c4a2c8f61ae631a9c01930f18c12733d42f6773793cc347430ec90b
6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7
68c0963132a718fb55a75766463363f92c5e418d2352ca29752150df50708a29
6d5366b1c02ab3dbe1b4ddbf0dd589f41c5bac463deb2f9c383d61d358cde75b
6d905ef73030456ba9c371c042c5ed7b15db76c7c9ff686b8fd5fc0e9c217458
717df14652123c35951a3c27185cadd70456c6f6c922be9650c6b45b3aa6f38b
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866
75a744e067dff8a30c1ccf9640126f24e23a726960acf65ea91530eafcc985b2
7618768090e32848b3c5abce05975b4257482e32a4e7b608bfa1cdda9ab67c3b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
883f29a19ff15d7a03ea6a2a82e0a1408790816649359f8a35935bc96e233a15
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
8d6d18f48c85508075824f7d7fd195cff24d9977bdbb3b4a2b47dfd2ff563763
939d7bf90fd3a15a1bb8ef0d8ce7ccf6e7774dbff6829b4101d8269a282b656e
944826e0abcde22f077a1de2970b30f3033e75a6d66b57db7e675c8adef20244
9627f6c06fd634e94588bdfec41d9dcb2289951551ab9a232104213487c85495
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53370bafd75423424df54b6243b1f4faee89f59141201ec22021b4d53b1debb
a53cbe924173ea0ffba4559c1affe12b64ba2fc8f138d2f4fe56243be90aa3d4
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a90780934d15fac1fbcd388e13b6260a1899ec1742bb1a3db91d1fb43a1794d3
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b219fa166f2c854b27eb102e8a61552277a0758045f48c49a73aad9ba7208736
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bdbcf8525eb679d3308de9ffab9509f580edee3a58651017d8d80f22681e2f30
bf38412c603e0271caca4bb836b6cef517bf17ff6509fe8d84377c7f0b0e53ea
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c13082d88729f3f29f49a582a65ee1a8fe0cd899909b1c639915c9ada1da5e4a
c4daeba9e0b477683fe58414e70781c1e8ca24c3a3003b912815f824c1ea19c2
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c853c067ae554f5fd8d374a49b9706edc777ad85c38b1c96d0fa91673820cbf9
c9edea5b7bf15fca4c602a29206c9681b2793ecca562c053634eab5d776fe284
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd4be9c1bbc8fdfb849f860dc43f4075b9a9c7ac59ccba12d0e3e83ddeaa0d7f
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
fa65a92caf1e42d5063b845d9c16dca6ee05d8549e9fdbc7c9ffe80069c56930

www.loginask.com Open in urlscan Pro 104.21.19.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

100 %HTTPS

0 %IPv6

16 Domains

26 Subdomains

24 IPs

4 Countries

1745 kBTransfer

4227 kBSize

13 Cookies

10 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.loginask.com Open in urlscan Pro
104.21.19.203 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

26
Subdomains

24
IPs

4
Countries

1745 kB
Transfer

4227 kB
Size

13
Cookies

116 HTTP transactions
4 data transactions